Netgate Discussion Forum
    Syntax for bulk adding Domain Overrides to DNS Resolver

    • RickyBaker

      Soooo I pared down the list extensively and when I applied the changes, Google's name servers were still blocked by pfSense. Here's the list from the unbound_domains2block txt file, with names changed to protect the innocent:

      local-zone: "*.licenses.example.com" redirect
      local-data: "*.licenses.example.com A 0.0.0.0"
      local-zone: "*.examplelogin.com" redirect
      local-data: "*.examplelogin.com A 0.0.0.0"
      local-zone: "ims-na1.examplelogin.com" redirect
      local-data: "ims-na1.examplelogin.com A 0.0.0.0"
      local-zone: "ims-prod06.examplelogin.com" redirect
      local-data: "ims-prod06.examplelogin.com A 0.0.0.0"
      local-zone: "ims-prod07.examplelogin.com" redirect
      local-data: "ims-prod07.examplelogin.com A 0.0.0.0"
      local-zone: "exampleid-na1.services.example.com" redirect
      local-data: "exampleid-na1.services.example.com A 0.0.0.0"
      local-zone: "na1e-acc.services.example.com" redirect
      local-data: "na1e-acc.services.example.com A 0.0.0.0"
      local-zone: "na1r.services.example.com" redirect
      local-data: "na1r.services.example.com A 0.0.0.0"
      local-zone: "ems.example.com" redirect
      local-data: "ems.example.com A 0.0.0.0"
      

      Any idea why any of these would block Google's name servers?

      • RickyBaker

        Realizing that I had a much more manageable set of domains to enter into the default GUI, I decided to try these domains out one by one. I was able to input all but the 2 at the top with the wildcard and the Google nameservers went unblocked. The ones with the asterisk gave this error:

        The following input errors were detected:
        A valid domain must be specified.
        

        Now maybe the issue with this new pared down list was the asterisk, and it wasn't just Google's name servers that were being blocked but maybe EVERYTHING? However, looking at my old 180 domain long list, there are no entries that begin with a wildcard, but a few that end in one. However, testing this pared down version without asterisks still blocks Google's name servers.

        Finally, I also tested with the redirect to 127.0.0.1 with the same results as 0.0.0.0.

        So I'm still curious why using the domains in a text file like you suggested @johnpoz is blocking Google nameservers (and possibly everything?) and also curious if I can use a wildcard symbol for domains in the default UI to accomplish "*.licenses.example.com"?

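Added example, not part of the thread or of pfSense/Unbound: a small lint for a file in the format quoted in the first post, based on Unbound's documented `redirect` zone type, which answers a zone name and all of its subdomains from the data at the zone name. It drops leading `*.` labels and entries already covered by a parent redirect zone; it does not diagnose the Google name server behaviour described above. `lint`, `canonical` and `SAMPLE` are hypothetical names, the sample is constructed, and it assumes the intent is to block each name together with everything under it.

```python
import re

# Constructed sample in the format of the file quoted in the first post.
SAMPLE = """\
local-zone: "*.licenses.example.com" redirect
local-data: "*.licenses.example.com A 0.0.0.0"
local-zone: "*.examplelogin.com" redirect
local-data: "*.examplelogin.com A 0.0.0.0"
local-zone: "ims-na1.examplelogin.com" redirect
local-data: "ims-na1.examplelogin.com A 0.0.0.0"
"""

ZONE_RE = re.compile(r'^local-zone:\s*"([^"\s]+)"\s+(\S+)$')
DATA_RE = re.compile(r'^local-data:\s*"(\S+)\s+(A|AAAA)\s+(\S+)"$')

def canonical(name):
    """Lower-case, drop the trailing dot, and split off a leading '*.' label."""
    name = name.lower().rstrip(".")
    return (name[2:], True) if name.startswith("*.") else (name, False)

def lint(text):
    """Return (clean_lines, notes); assumes each name is meant to block its subtree."""
    zones, data, notes = {}, {}, []
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        zone, rec = ZONE_RE.match(line), DATA_RE.match(line)
        if not (zone or rec):
            if line and not line.startswith("#"):
                notes.append(f"line {num}: not a local-zone/local-data entry")
            continue
        name, wild = canonical((zone or rec).group(1))
        if wild:
            notes.append(f"line {num}: wildcard label dropped, using {name}")
        if zone:
            zones[name] = zone.group(2)
        else:
            data[name] = (rec.group(2), rec.group(3))
    clean = []
    for name in sorted(zones, key=lambda z: z.count(".")):  # shortest names first
        labels = name.split(".")
        parents = [".".join(labels[i:]) for i in range(1, len(labels))]
        cover = next((p for p in parents if zones.get(p) == "redirect"), None)
        if cover:  # a parent redirect zone already answers for this name
            notes.append(f"{name}: already answered by redirect zone {cover}")
            continue
        clean.append(f'local-zone: "{name}" {zones[name]}')
        if name in data:
            clean.append('local-data: "{} {} {}"'.format(name, *data[name]))
    return clean, notes
```

Run `lint` on the include file before applying it and review the notes; the cleaned lines are a suggestion to compare against the original, not a drop-in replacement.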
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.