Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How do I figure out if pfblockerNG is blocking a site?

    pfBlockerNG
    4
    7
    4.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfsensory
      last edited by

      I am completely unable to connect to a certain site (anveo.com) from my network.  The IP address is resolvable in DNS resolver, but pings result in 100% packet loss and no connectivity.  The address does not show up anywhere in my logs, so I can't figure out what is blocking access to that site.  I suspect that pfblockerNG is blocking it.  I added a whitelist entry (DNSBL - Custom Domain Whitelist), but this does not seem to help.  I am able to access the site without difficulty if I use an alternate connection (e.g. hotspot through my phone), so the site is definitely working and the issue is at my end.  Can anyone suggest any way to track this down and fix it?

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        Certainly not DNSBL if you can resolve it to the proper IP (not the DNSBL one).

        1 Reply Last reply Reply Quote 0
        • P
          pfsensory
          last edited by

          Do you think it is possible that Snort could be blocking it?  I am really confused as to why I cannot access this website.

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            Well you really need to look at the logs (and your log settings if there's nothing in there).

            1 Reply Last reply Reply Quote 0
            • P
              pfsensory
              last edited by

              It doesn't seem to show up in any of the logs.  I am completely baffled.

              1 Reply Last reply Reply Quote 0
              • BBcan177B
                BBcan177 Moderator
                last edited by

                @pfsensory:

                It doesn't seem to show up in any of the logs.  I am completely baffled.

                If its blocked via DNSBL, you can hit F12 in the browser and goto "Dev mode", then goto "Console" and see the errors… That will indicate all the domains that are blocked... Sometimes there are CNAMEs that can blocked, so need to pay more attention to the Alerts Log...

                If its being blocked via an IP Blocklist, ensure that all your IP Aliases have "logging" enabled...

                Can also try to resolve the Domain and see what the DNS response is, or try to ping the IP address...

                "Experience is something you don't get until just after you need it."

                Website: http://pfBlockerNG.com
                Twitter: @BBcan177  #pfBlockerNG
                Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                1 Reply Last reply Reply Quote 0
                • T
                  tsberry901
                  last edited by tsberry901

                  You can temporarily disable DNSBL blocking by:

                  1. Going to Firewall-->pfBlockerNG-->DNSBL
                    and unticking "Enable DNSBL"

                  2. Going to Firewall--> pfBlockerNG-->Update
                    and running (forcing) an update.

                  3. Going to Status-->DNS Resolver and clicking the "restart service" icon.

                  Now try to reach your previously blocked web site again.
                  If you can now reach it, then DNSBL is the culprit.

                  To turn DNSBL back on, tick "Enable DNSBL",
                  and do steps 2 and 3 again.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.