pfBlockerNG googleadservices



  • Hello,

    I've set up the DNSBL feeds using the Basic instructions of BB in the pfblocker 2.0 with DNSBL topic:

    yoyo
    http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&mimetype=plaintext

    hpHosts_ads
    http://hosts-file.net/ad_servers.txt

    Adaway
    https://adaway.org/hosts.txt

    Cameleon
    http://sysctl.org/cameleon/hosts

    If I search in google, I notice I still see the Advertising links of google and google shopping, I don't know if this can be blocked? However if I whitelist that domain (www.googleadservices.com or .googleadservices.com), I notice in the alerts tab that's in the whitelist, however when I click on a google shopping link the web page is blank. Any ideas, the best solution for me is to block the links in google, so users can't click on it.

    Thanks for your help!

    Regards.
    cooLopke


  • Moderator

    First step is to make sure that your LAN device has its DNS settings only pointing to pfSense… This way all DNS requests are filtered. If you add a domain to the whitelist from the Alerts Tab, it takes effect immediately. Adding a domain manually to the whitelist, requires a "Force Reload - DNSBL"...

    Once you have whitelisted a Domain, your browser/os might still be caching the domain address... So you should clear the browser/os cache...

    There are other lists that can be added to DNSBL... More posted in the same thread...

    If you see an AD that gets thru, right-click on it, then select "inspect" and if it's a domain as the src of the AD, then that can be added to a DNSBL Customlist to block it...



  • How do you add a domain with  a wildcard though?  Say I want to add *.doubleclick.net and *.doubleclick.com


  • Moderator

    @BiloxiGeek:

    How do you add a domain with  a wildcard though?  Say I want to add *.doubleclick.net and *.doubleclick.com

    If you are talking about Whitelisting, then you can prefix a "dot" in front of any domain, and that will whitelist the whole domain/sub-domains.

    For blocking a domain:

    With TLD:

    once you add "example.com", the domain example.com is blocked plus any sub-domains.

    Without TLD:

    Only the domains listed are blocked… So you would have to add each sub-domain independently...

    Wildcards (*) are not usable in the Resolver…



  • @BBcan177:

    @BiloxiGeek:

    How do you add a domain with  a wildcard though?  Say I want to add *.doubleclick.net and *.doubleclick.com

    If you are talking about Whitelisting, then you can prefix a "dot" in front of any domain, and that will whitelist the whole domain/sub-domains.

    For blocking a domain:

    With TLD:

    once you add "example.com", the domain example.com is blocked plus any sub-domains.

    Without TLD:

    Only the domains listed are blocked… So you would have to add each sub-domain independently...

    Wildcards (*) are not usable in the Resolver…

    Think I got it working like I expected it to.  At first ads were still getting through then I noticed the Enable TLD checkbox.  Enabled that and it's blocking ads.

    I'm used to the way that pi-hole blocks DNS, working to get pfBlockerNG set up to be similar before I make the switch so I can keep the wife happy.

    I'm on 2.3.3, self-built system is a Celeron dual core 2.8GHz with 8G of memory dual Gigabit NICs.  Seems like that should be enough horsepower to keep things running smoothly but if I'm missing something let me know please.


  • Moderator

    You can always run dual systems and define which LAN devices use which DNS Server… then after getting everything working as expected, move devices to point to pfSense and DNSBL...



  • @BBcan177:

    First step is to make sure that your LAN device has its DNS settings only pointing to pfSense… This way all DNS requests are filtered. If you add a domain to the whitelist from the Alerts Tab, it takes effect immediately. Adding a domain manually to the whitelist, requires a "Force Reload - DNSBL"...

    Once you have whitelisted a Domain, your browser/os might still be caching the domain address... So you should clear the browser/os cache...

    There are other lists that can be added to DNSBL... More posted in the same thread...

    If you see an AD that gets thru, right-click on it, then select "inspect" and if it's a domain as the src of the AD, then that can be added to a DNSBL Customlist to block it...

    Hello BBCan,

    Thanks for your reply.

    googleadservices.com is blocked by the hpHost_ads DNSBL Feed, however the advertising links are still appearing when I search something in google. If I click on inspect element, I see http://www.googleadservices.com/pagead/…..

    Any ideas? I don't have TLD enabled.

    Thanks in advance.

    edit: enabled TLD, still the same result, advertising elements appearing in google. Any help on this? When I click on the elements then it's a blank screen, so it's blocked, but the elements itself are still appearing.
    Also my DNS is pointing to pfsense + I've reloaded the DNS Feeds and forced the update + Cleared cache + I've also even rebooted pfsense.


  • Moderator

    example.com            (domain)
    www.example.com    (Sub-domain)…

    So without TLD, you have to block all variations..
    With TLD, if example.com is blocked, then all Sub-domains are also blocked…

    Did you run a    Force Reload - DNSBL    for the    TLD    change to take effect?



  • @BBcan177:

    example.com            (domain)
    www.example.com    (Sub-domain)…

    So without TLD, you have to block all variations..
    With TLD, if example.com is blocked, then all Sub-domains are also blocked…

    Did you run a    Force Reload - DNSBL    for the    TLD    change to take effect?

    Force reload - DNSBL where can I find that? I can only find the restart service button in the services menu.
    edit: never mind, found the option. I'm curious if it works now =)


  • Moderator

    Update Tab… Then select "Reload", then select "DNSBL"



  • @BBcan177:

    Update Tab… Then select "Reload", then select "DNSBL"

    I've done this, I notice:

    Assembling database… completed
    Executing TLD
    TLD analysis. completed
    Finalizing TLD...  completed

    Original    Matches    Removed    Final

    70323      13753      38234      32089

    Validating database... Skipped [ 02/22/17 17:28:31 ]
    Reloading Unbound…. completed
    DNSBL update [ 32089 | PASSED  ]… completed

    However the ads of googleadservices.com (google shopping) are still appearing when I search in google :(. I don't understand. Browser cache cleared.

    edit: added googleadservices to TLD blacklist:

    Executing TLD
    Blocking full TLD/Sub-Domain(s)... |googleadservices|steepto| completed
    TLD analysis. completed

    After that I still notice the google shopping ads. However the steepto ads are not appearing, so that is working!


  • Moderator

    Run these commands to see what's listed in DNSBL:

    grep "googleadservices.com" /var/db/pfblockerng/dnsbl/*
    grep "googleadservices.com" /var/unbound/pfb_dnsbl.conf
    

    So with TLD enabled, and any list posting "googleadservices.com", it should be blocking all sub-domains…

    Try to ping those domains:

    ping googleadservices.com
    ping www.googleadservices.com
    

    If they are listed above, then they should reply back with the DNSBL VIP address…

    Check your settings to make sure your LAN device browser/OS is not caching the domain, and that you don't have another DNS server listed and causing the DNS request to be bypassed...


  • Moderator

    edit: added googleadservices to TLD blacklist:

    Executing TLD
    Blocking full TLD/Sub-Domain(s)… |googleadservices|steepto| completed
    TLD analysis. completed

    You don't want to add domains to the TLD Blacklist… The TLD Blacklist is used to block a TLD... like "ru" or "cn" or "top" or "pw" etc...

    If you want to add Domains to be blocked... you can add them to a DNSBL Group - Customlist at the bottom of any DNSBL Group page...



  • @BBcan177:

    edit: added googleadservices to TLD blacklist:

    Executing TLD
    Blocking full TLD/Sub-Domain(s)… |googleadservices|steepto| completed
    TLD analysis. completed

    You don't want to add domains to the TLD Blacklist… The TLD Blacklist is used to block a TLD... like "ru" or "cn" or "top" or "pw" etc...

    If you want to add Domains to be blocked... you can add them to a DNSBL Group - Customlist at the bottom of any DNSBL Group page...

    Ok, I'll do that. Thanks. Ok, so steepto is working. If I ping googleadservices.com I get the DNSBL VIP address. So that's working. I'll grep the output later, because I don't have that much time at the moment.

    Now I noticed the elements in google are from www.google.be itself, so probably that's why it isn't blocked I guess? However when I click on the link it redirects to googleadservices.com which results in a blank screen. So I guess there is no possible way to remove those ads in google search? If I use the ublock origin plugin in google chrome, it is blocking the advertising links, so I thought it would also work with pfBlockerNG.



  • @BBcan177:

    Run these commands to see what's listed in DNSBL:

    grep "googleadservices.com" /var/db/pfblockerng/dnsbl/*
    grep "googleadservices.com" /var/unbound/pfb_dnsbl.conf
    

    So with TLD enabled, and any list posting "googleadservices.com", it should be blocking all sub-domains…

    Try to ping those domains:

    ping googleadservices.com
    ping www.googleadservices.com
    

    If they are listed above, then they should reply back with the DNSBL VIP address…

    Check your settings to make sure your LAN device browser/OS is not caching the domain, and that you don't have another DNS server listed and causing the DNS request to be bypassed...

    This is the output for the 1st command:

    /var/db/pfblockerng/dnsbl/yoyo.txt:local-data: "googleadservices.com 60 IN A 10.10.10.1"
    

    The second command:

    local-zone: "googleadservices.com" redirect local-data: "googleadservices.com 60 IN A 10.10.10.1"
    

    I think everything is ok. If I ping I get a reply of the 10.10.10.1 interface (DNSBL VIP address), but I guess it's because the elements are from google itself. I also have it with adaway on my mobile phone, only with adblock plugins the advertising links are not appearing. How can the adblock plugins determine that, don't they work the same way?

    Thanks for your help BB.


  • Moderator

    @cooLopke:

    So I guess there is no possible way to remove those ads in google search?

    DNSBL can't manipulate the Web page like a browser extension. So when you see (AD) in Google search, clicking on those may result in a blank page since DNSBL may be blocking those domains.


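The coverage question worked through in this thread (an exact `local-data` entry versus a `local-zone ... redirect` entry written when TLD is enabled), as an added example that is not part of the original posts or of pfBlockerNG itself. The function name `dnsbl_coverage`, the sample config and the host `ads.example.net` are constructed for illustration; the two line formats and the 10.10.10.1 VIP are the ones shown in the grep output above.

```shell
#!/bin/sh
# Added example: report how a hostname is covered by DNSBL-style Unbound entries.
# SAMPLE_CONF is constructed, using the two line formats quoted in the thread.
SAMPLE_CONF='local-zone: "googleadservices.com" redirect local-data: "googleadservices.com 60 IN A 10.10.10.1"
local-data: "ads.example.net 60 IN A 10.10.10.1"'

# dnsbl_coverage HOST [CONF_FILE] -> "redirect-zone <zone>", "exact" or "not-listed"
dnsbl_coverage() {
    host=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    host=${host%.}                      # drop a trailing root dot
    if [ -n "$2" ]; then conf=$(cat "$2"); else conf=$SAMPLE_CONF; fi
    printf '%s\n' "$conf" | awk -v host="$host" '
    {
        # A redirect zone answers for the name and every sub-domain (TLD enabled).
        if (match($0, /local-zone: "[^"]+" redirect/)) {
            z = substr($0, RSTART, RLENGTH)
            sub(/^local-zone: "/, "", z); sub(/" redirect$/, "", z)
            zones[z] = 1
        }
        # A bare local-data entry answers only for the exact name listed.
        line = $0
        while (match(line, /local-data: "[^ "]+ /)) {
            n = substr(line, RSTART + 13, RLENGTH - 14)
            names[n] = 1
            line = substr(line, RSTART + RLENGTH)
        }
    }
    END {
        # Walk from the host up through its parent domains looking for a zone.
        d = host
        while (d != "") {
            if (d in zones) { print "redirect-zone " d; exit }
            i = index(d, ".")
            if (i == 0) break
            d = substr(d, i + 1)
        }
        if (host in names) print "exact"; else print "not-listed"
    }'
}

for h in www.googleadservices.com ads.example.net www.ads.example.net www.google.be; do
    printf '%-28s %s\n' "$h" "$(dnsbl_coverage "$h")"
done
```

On a pfSense box the second argument can be the file grepped above, /var/unbound/pfb_dnsbl.conf. A "not-listed" result for the host that actually serves the ad markup matches the thread's conclusion that DNSBL only acts on the domains it resolves.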