Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfblockerng blocking googledns despite it wasn't in a list…

    Scheduled Pinned Locked Moved pfBlockerNG
    2 Posts 2 Posters 604 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      moscato359
      last edited by

      I had some… odd results from one of my lists in pfblockerng

      I was using this list:
      https://isc.sans.edu/api/sources/attacks/10000

      It contains 1 month of information
      <lastseen>2017-04-04</lastseen> is the oldest last seen date, so it's not like the information just fell off.

      pfblockerng was blocking googledns , from this list, except 8.8.8.8 which is blocked, wasn't in the list at all!

      I have it on an hourly cron update for both the list, and general cron.

      See attached image:

      ![googledns pfblocker.png](/public/imported_attachments/1/googledns pfblocker.png)
      ![googledns pfblocker.png_thumb](/public/imported_attachments/1/googledns pfblocker.png_thumb)

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        Run the following command to see which feed contains that IP:

        grep "8.8.8.8" /var/db/pfblockerng/deny/*
        

        If you enable the suppression feature, it will add a "+" icon in the Alerts tab which can be used to suppress this IP. This IP shouldn't be listed in any feed, so once you find out which feed listed that IP, you may want to report it to the feed maintainer.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.