PfBlockerNG Not Blocking Porn
-
Blocking porn is really difficult with DNSBL… There are millions of domains ....
I don't know if this is something you're interested in BBCan, but if you are shallalist (and a few others) are pretty decently maintained lists for blocking porn and a few other categories. They work really well with pfBNG & DNSBL.
The ways to get them working with DNSBL are kind of rudimentary and obscure right now, if you were to implement a built in way to use them I think it would be extremely popular.
Squid is just to flaky and invasive on HTTP/S to be useful for stuff like blocking porn. pfBNG just works, well.
-
Why don't you use open dns family shield ?
-
Blocking porn is really difficult with DNSBL… There are millions of domains ....
I don't know if this is something you're interested in BBCan, but if you are shallalist (and a few others) are pretty decently maintained lists for blocking porn and a few other categories. They work really well with pfBNG & DNSBL.
The ways to get them working with DNSBL are kind of rudimentary and obscure right now, if you were to implement a built in way to use them I think it would be extremely popular.
Squid is just to flaky and invasive on HTTP/S to be useful for stuff like blocking porn. pfBNG just works, well.
future build of pfblockerng will have option to use shallalist/UT1/squidblacklist
@BBcan177 is working on it, this feature is in beta right now, i personally don't feel the need of squidguard anymore.
-
That is awesome! I love BBCan's work!
-
That is awesome. I was able to get the shalllist to work by following these instructions >> https://forum.pfsense.org/index.php?topic=120072.0#msg664172
It doesn't block out everything but it seems to be working better then squid guard. I feel with pfBlock, blocking serveral sites manually, forcing google restricted search, and keeping and eye on squid proxy logs is the best way to go. I've tried SquidGuard and I always found my self thinking is this thing even working!!! There are people that live by SquidGuard but I spent weeks trying to get basic settings to work. PfBlockerNG worked immediatley with results I can count on. Feel like I'm on an infomercial here.Thanks guys for all of your help on this! :)
-
So I'm blocking porn, that's great! But the problem I'm running into now is I can't watch any howto videos on youtube because the host is forcing restricted mode. Is there a way to only for kids into restricted mode vs the entire network?
-
So I'm blocking porn, that's great! But the problem I'm running into now is I can't watch any howto videos on youtube because the host is forcing restricted mode.
Perhaps try some other site for p0rn howtos? :P
-
So I'm blocking porn, that's great! But the problem I'm running into now is I can't watch any howto videos on youtube because the host is forcing restricted mode. Is there a way to only for kids into restricted mode vs the entire network?
The easiest way is to get another AP for the kids and put it on a separate interface/subnet. Then just apply all of this stuff to that subnet only.
A work around would be to connect to a VPN on the computer you are using (unless you are effectively blocking VPN IP's with a list). -
future build of pfblockerng will have option to use shallalist/UT1/squidblacklist
@BBcan177 is working on it, this feature is in beta right now, i personally don't feel the need of squidguard anymore.
Hi,
from which build on the option shallalist will be available in pfblockerng? I can not find it in the current version (2.1.2 - under pfSense 2.4.0 release).
Regards
-
good morning
at this moment shalla list used as dnbl feed list into dnsbl not block ( block only site without www ex block mybadsite.com but forward www.mybadsite.com)someone has found a solution ?
thanks Alberto
-
Enable the "TLD" option… Click on the blue infoblock icon for more details about TLD...
-
I've found over the years that trying to block porn is a losing battle. Short of white listing or unplugging the internet…
-
good morning all
there are some news for use dnsbl as content filter
ex with shalla dbase as dicussuion in this post ?thanks again Alberto
-
try adding new porn blacklist
https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/porn/hostsyou can read more about it here: https://github.com/StevenBlack/hosts
thanks for this,
i wanted to setup with my existing SquidGuard Proxy Filter. (Currently using http://www.shallalist.de/Downloads/shallalist.tar.gz)
regards,
kaushal -
Hello
with shallalist I filter domains whitout www, but when i tried same domains with www prefix, doesn't work.
Any ideas?
Thanks -
@chuane said in PfBlockerNG Not Blocking Porn:
with shallalist I filter domains whitout www, but when i tried same domains with www prefix, doesn't work.
You will need to enable the "TLD" option, otherwise it will only block the domain that is listed in the Feed, and not block all Sub-domains.
A Force Reload - DNSBL will need to be run for it to take effect.
-
Thanks for response!
I have this option checked, but It doesn't work.
Same problem. -
Hello.
I found the problem.
I see this here https://forum.netgate.com/topic/102967/pfblockerng-v2-1-w-tldTLD Domain Limit Restrictions:
< 1.0GB RAM - Max 100k Domains
< 1.5GB RAM - Max 150k Domains
< 2.0GB RAM - Max 200k Domains
< 2.5GB RAM - Max 250k Domains
< 3.0GB RAM - Max 400k Domains
< 4.0GB RAM - Max 600k Domains
< 5.0GB RAM - Max 1.0M Domains
< 6.0GB RAM - Max 1.5M Domains
< 7.0GB RAM - Max 2.5M Domains
> 7.0GB RAM - > 2.5M DomainsThanks
-
@BBcan177 said in PfBlockerNG Not Blocking Porn:
Blocking porn is really difficult with DNSBL… There are millions of domains ....
This you can do:
Enable the TLD option, and add "xxx" to the TLD Blacklist customlist.... Then it will block any domain in the "xxx" TLD...
In EasyList, there are Adult Popups that are blocked, but that just removes the Adult AD popups, and not the Adult sites themselves...
A Proxy will be the best option to filter that type of content... SquidBlacklist/UT1 have some Adult categories which list quite a few Adult domains... Its not foolproof either.... Just be careful about MITM SSL issues...
I would recommend OpenDNS. By the way, on Google you can do this: http://www.google.com/preferences.
