4. PfBNG DNSBL + HTTPS

PfBNG DNSBL + HTTPS

  • D
    Banned

    Recently, I'm seeing pretty much nothing logged any more when it comes to blocked HTTPS requests… Apparently, with newer browsers' versions, the lighttpd debug trick no longer works. So, here's a bunch of ideas:

    • the self-signed cert should definitely be SHA2, not SHA1
    • it'd probably help to let people select their own cert from those installed on pfSense
    0
  • Moderator

    The self-signed cert will never match the request Domain name anyways… Its only used to allow the browser to terminate the connection and lighttpd to try query the error.log for the https details if available...

    Not sure what else can be done with the existing methodology... The best would be to add the Unbound python feature support and collect the details that way without requiring Lighttpd at all..

    Which pfSense OS and Browser?

    0
  • D
    Banned

    2.3.3 snapshots, browser being mostly Chrome. Why's unbound compiled without python, no idea.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy