Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNSBL feed failed: Domainname length overflow

    Scheduled Pinned Locked Moved pfBlockerNG
    4 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nathan.snow
      last edited by

      I finally figured out how to use the feeds in the DNSBL and I obtained a number of the usual Easylists that many adblockers subcribe to. However, some of the entries in the list seem to exceed some sort of domain name length. I have included one of the log entries below for reference, but this is happening for multiple lists.

      The reason I'm getting the lists in this manner is due to the included easylist not working (as I would expect them to). I opened the included reference link on the DNSBL page in pfSense to the easylist they use and it's surprisingly short. I suspect this is why it blocks practically no ads. So, I obtained the actual lists and most are working fine and ads are being blocked successfully. However, some of the lists fail with the below error. Is this a known error with a workaround/config change, or am I stuck?

      Easylist location (make sure you get the raw URL for each or it won't work at all):
      https://github.com/easylist/easylist/tree/master/easylist

      Link from DNSBL pfSense page:
      https://easylist-downloads.adblockplus.org/easylist_noelemhide.txt
      https://easylist-downloads.adblockplus.org/easyprivacy.txt

      Scroll to the end of the string for error code

      
[ DNSBL FAIL ] [ Skipping : easylist_adservers ]

[1493529476] unbound-checkconf[66238:0] error: error parsing local-data at 1 '||doubleclick.net^$third-party,domain=3news.co.nz|92q.com|abc-7.com|addictinggames.com|allbusiness.com|bizjournals.com|bloomberg.com|bnn.ca|boom92houston.com|boom945.com|boomphilly.com|break.com|cbc.ca|cbs19.tv|cbs3springfield.com|cbslocal.com|complex.com|dailymail.co.uk|darkhorizons.com|doubleviking.com|euronews.com|extratv.com|fandango.com|fox19.com|fox5vegas.com|gorillanation.com|hawaiinewsnow.com|hellobeautiful.com|hiphopnc.com|hot1041stl.com|hothiphopdetroit.com|hotspotatl.com|hulu.com|imdb.com|indiatimes.com|indyhiphop.com|ipowerrichmond.com|joblo.com|kcra.com|kctv5.com|ketv.com|koat.com|koco.com|kolotv.com|kpho.com|kptv.com|ksat.com|ksbw.com|ksfy.com|ksl.com|kypost.com|kysdc.com|live5news.com|livestation.com|livestream.com|metro.us|metronews.ca|miamiherald.com|my9nj.com|myboom1029.com|mycolumbuspower.com|nbcrightnow.com|neatorama.com|necn.com|neopets.com|news.com.au|news4jax.com|newsone.com|nintendoeverything.com|oldschoolcincy.com|pagesuite-professional.co.uk|pandora.com|play.it|player.theplatform.com|radio.com|radionowindy.com|rottentomatoes.com|sbsun.com|shacknews.com|sk-gaming.com|ted.com|thebeatdfw.com|theboxhouston.com|theglobeandmail.com|timesnow.tv|tv2.no|twitch.tv|ustream.tv|wapt.com|washingtonpost.com|wate.com|wbaltv.com|wcvb.com|wdrb.com|wdsu.com|wflx.com|wfmz.com|wfsb.com|wgal.com|whdh.com|wired.com|wisn.com|wiznation.com|wlky.com|wlns.com|wlwt.com|wmur.com|wnem.com|wowt.com|wral.com|wsj.com|wsmv.com|wsvn.com|wtae.com|wthr.com|wxii12.com|wyff4.com|yahoo.com|youtube-nocookie.com|youtube.com|zhiphopcleveland.com 60 IN A 10.10.10.1': Domainname length overflow
      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        You can only use the EasyList Feeds that are hardcoded in the EasyList tab. These ADBlock EasyLists are formatted to remove elements from a webpage while using a browser. DNSBL can only use the lines that are blocking the specific ADVert domains. DNSBL is a DNS filter utilizing the Unbound Resolver.

        You can add other DNSBL feeds:
          https://forum.pfsense.org/index.php?topic=102470.msg573159#msg573159
          https://forum.pfsense.org/index.php?topic=102470.msg572943#msg572943

        Also ensure that you have configured the settings properly for DNSBL to work:
          https://forum.pfsense.org/index.php?topic=129704.0

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • N
          nathan.snow
          last edited by

          It's definitely configured properly as it's working quite well. Also, custom feeds, other than the hard-coded ones, seem to be working just fine. According to the logs, they are being updated, parsed, and added successfully (see example below). Without the custom feeds, barely any ads are blocked. It just seems that pfblockerng complains if one of the lines in the list is over a certain length.

          PS: if you open the default list and one of the lists I provided, you can see they use the same syntax.

          
[ easylist_specific_block ] Downloading update .. 200 OK
  Remote timestamp missing .
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final                
  ----------------------------------------------------------------------
  5321     4269       76         0          0          4193                 
  ----------------------------------------------------------------------
          1 Reply Last reply Reply Quote 0
          • BBcan177B
            BBcan177 Moderator
            last edited by

            As I stated in my reply above, you cannot use these EasyList feeds by adding them to the DNSBL Feeds tab. They will not parse properly.

            The only EasyList feeds that are usable in DNSBL are hardcoded in the EasyList tab. Only certain portions of the EasyList/EasyPrivacy are useable in a DNSBL filter. See the categories in the EasyList tab to see which categories are usable.

            The next version of pfBlockerNG will have all of the EasyList Language Feeds included.

            "Experience is something you don't get until just after you need it."

            Website: http://pfBlockerNG.com
            Twitter: @BBcan177  #pfBlockerNG
            Reddit: https://www.reddit.com/r/pfBlockerNG/new/

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.