Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    [SOLVED] Have to disable pfBlockerNG to be able to use Paypal

    pfBlockerNG
    5
    11
    2967
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Mr. Jingles last edited by

      Hi BB ;D

      1. Problem is already bugging me for months, only now I found the time to open this thread.
      2. The attached screenshot: this is when I go from the webshop to paypal to pay: this is the paypal screen (in Firefox or Chrome, doesn't make a difference).
      3. Disable pfBlockerNG (DNSBL can remain enabled) and I can get through to Paypal.
      4. This is what I thus have been doing for the last I think 6 months.
      5. Problem: the alerts don't show hits for the time I access Paypal, only 10 minutes earlier.
      6. pfSense is time server for local LAN, so all machines should have the same time.

      Is there a different way of finding out which/what/who is blocking this Paypal?

      Thank you Sir BB  ;)

      1 Reply Last reply Reply Quote 0
      • BBcan177
        BBcan177 Moderator last edited by

        In FF, hit F12 which will open Dev Mode. Goto "console" and it will show all domains that are blocked while you visit that webpage.  Typically look for domains which have a "js" extension. Then add the problematic domains to the DNSBL whitelist customlist. After manually adding those you will need to Force Reload - DNSBL for it to take effect.

        1 Reply Last reply Reply Quote 0
        • M
          Mr. Jingles last edited by

          Thank you BB  :-*

          Firefox showed nothing. Chrome did. So I whitelisted paypalobjects.com. However, it still didn't work (pic 4 and 5).

          ???

          So I still had to disable to be able to make the paypal payment.

          Thank you & bye  :D








          1 Reply Last reply Reply Quote 0
          • P
            pfBasic Banned last edited by

            Did you find any resolution to this other than shutting off DNSBL? I'm having the same issue with hpHosts screwing up paypal.

            EDIT: Disregard, I got it working by whitelisting it. I just had to wait a bit after forcing the reload for it to take effect.

            1 Reply Last reply Reply Quote 0
            • M
              Mr. Jingles last edited by

              I did whitelist it and am waiting for days, but the problem remains. (See above 4 pictures, especially picture 3).

              Any thoughts, BB?

              Thank you :)

              1 Reply Last reply Reply Quote 0
              • BBcan177
                BBcan177 Moderator last edited by

                Does the domain resolve to the DNSBL vip address?

                BSD:

                host -t A www.paypalobjects.com
                

                Windows:

                nslookup www.paypalobjects.com
                

                Make sure the domain is not in DNBSL:

                grep "paypalobjects" /var/unbound/pfb_dnsbl.conf
                

                hpHosts lists this domain in the (Full Feed) which is only updated once per month. So I am going to recommend to everyone to use the individual hpHost feeds instead of the Full Feed. Any False positive domains that are removed will not be removed from the Full Feed for 30 days…

                hpHosts Download site:
                https://hosts-file.net/?s=Download

                List of individual hpHost Feeds:
                https://hosts-file.net/emd.txt
                https://hosts-file.net/exp.txt
                https://hosts-file.net/fsa.txt
                https://hosts-file.net/grm.txt
                https://hosts-file.net/hfs.txt
                https://hosts-file.net/mmt.txt
                https://hosts-file.net/pha.txt
                https://hosts-file.net/psh.txt
                https://hosts-file.net/pup.txt
                https://hosts-file.net/wrz.txt

                1 Reply Last reply Reply Quote 0
                • U
                  u3c307 last edited by

                  I was getting that a few months ago, but it's been good since I added this in my custom whitelist dsnbl:

                  .www.paypal.com
                  .paypal.com # CNAME for (www.paypal.com)
                  .www.paypalobjects.com
                  .www.paypalobjects.com.akadns.net # CNAME for (www.paypalobjects.com)
                  .www.paypalobjects.com.edgekey.net # CNAME for (www.paypalobjects.com)
                  .e3691.g.akamaiedge.net # CNAME for (www.paypalobjects.com)

                  Hopes that help.

                  1 Reply Last reply Reply Quote 0
                  • R
                    Ramosel last edited by

                    there are also these elements

                    t.paypal.com
                    t.paypal.com.edgekey.net # CNAME for (t.paypal.com)
                    e3694.a.akamaiedge.net # CNAME for (t.paypal.com)

                    1 Reply Last reply Reply Quote 0
                    • P
                      pfBasic Banned last edited by

                      Hmmm, just paypalobjects worked for me

                      1 Reply Last reply Reply Quote 0
                      • M
                        Mr. Jingles last edited by

                        @BBcan177:

                        Does the domain resolve to the DNSBL vip address?

                        BSD:

                        host -t A www.paypalobjects.com
                        

                        Windows:

                        nslookup www.paypalobjects.com
                        

                        Make sure the domain is not in DNBSL:

                        grep "paypalobjects" /var/unbound/pfb_dnsbl.conf
                        

                        hpHosts lists this domain in the (Full Feed) which is only updated once per month. So I am going to recommend to everyone to use the individual hpHost feeds instead of the Full Feed. Any False positive domains that are removed will not be removed from the Full Feed for 30 days…

                        hpHosts Download site:
                        https://hosts-file.net/?s=Download

                        List of individual hpHost Feeds:
                        https://hosts-file.net/emd.txt
                        https://hosts-file.net/exp.txt
                        https://hosts-file.net/fsa.txt
                        https://hosts-file.net/grm.txt
                        https://hosts-file.net/hfs.txt
                        https://hosts-file.net/mmt.txt
                        https://hosts-file.net/pha.txt
                        https://hosts-file.net/psh.txt
                        https://hosts-file.net/pup.txt
                        https://hosts-file.net/wrz.txt

                        Thank you BB,

                        1. Yes it resolves to 10.10.10.1
                        2.  About not being in DNSBL, the grep command gives: local-data: "www.paypalobjects.com 60 IN A 10.10.10.1"
                        3. I ll add the individual feeds.

                        1 Reply Last reply Reply Quote 0
                        • M
                          Mr. Jingles last edited by

                          Still had to report back that it was solved. Thank you BB  ;D

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post

                          Products

                          • Platform Overview
                          • TNSR
                          • pfSense Plus
                          • Appliances

                          Services

                          • Training
                          • Professional Services

                          Support

                          • Subscription Plans
                          • Contact Support
                          • Product Lifecycle
                          • Documentation

                          News

                          • Media Coverage
                          • Press
                          • Events

                          Resources

                          • Blog
                          • FAQ
                          • Find a Partner
                          • Resource Library
                          • Security Information

                          Company

                          • About Us
                          • Careers
                          • Partners
                          • Contact Us
                          • Legal
                          Our Mission

                          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                          Subscribe to our Newsletter

                          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                          © 2021 Rubicon Communications, LLC | Privacy Policy