Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] Have to disable pfBlockerNG to be able to use Paypal

    Scheduled Pinned Locked Moved pfBlockerNG
    11 Posts 5 Posters 4.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Mr. Jingles
      last edited by

      Hi BB ;D

      1. Problem is already bugging me for months, only now I found the time to open this thread.
      2. The attached screenshot: this is when I go from the webshop to paypal to pay: this is the paypal screen (in Firefox or Chrome, doesn't make a difference).
      3. Disable pfBlockerNG (DNSBL can remain enabled) and I can get through to Paypal.
      4. This is what I thus have been doing for the last I think 6 months.
      5. Problem: the alerts don't show hits for the time I access Paypal, only 10 minutes earlier.
      6. pfSense is time server for local LAN, so all machines should have the same time.

      Is there a different way of finding out which/what/who is blocking this Paypal?

      Thank you Sir BB  ;)
      pfsense_paypal_errors.png
      pfsense_paypal_errors.png_thumb

      6 and a half billion people know that they are stupid, agressive, lower life forms.

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        In FF, hit F12 which will open Dev Mode. Goto "console" and it will show all domains that are blocked while you visit that webpage.  Typically look for domains which have a "js" extension. Then add the problematic domains to the DNSBL whitelist customlist. After manually adding those you will need to Force Reload - DNSBL for it to take effect.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • M
          Mr. Jingles
          last edited by

          Thank you BB  :-*

          Firefox showed nothing. Chrome did. So I whitelisted paypalobjects.com. However, it still didn't work (pic 4 and 5).

          ???

          So I still had to disable to be able to make the paypal payment.

          Thank you & bye  :D

          pfsense_paypal02_firefox.png
          pfsense_paypal02_firefox.png_thumb
          pfsense_paypal03_chrome.png
          pfsense_paypal03_chrome.png_thumb
          pfsense_paypal04.png
          pfsense_paypal04.png_thumb
          pfsense_paypal05.png
          pfsense_paypal05.png_thumb

          6 and a half billion people know that they are stupid, agressive, lower life forms.

          1 Reply Last reply Reply Quote 0
          • P
            pfBasic Banned
            last edited by

            Did you find any resolution to this other than shutting off DNSBL? I'm having the same issue with hpHosts screwing up paypal.

            EDIT: Disregard, I got it working by whitelisting it. I just had to wait a bit after forcing the reload for it to take effect.

            1 Reply Last reply Reply Quote 0
            • M
              Mr. Jingles
              last edited by

              I did whitelist it and am waiting for days, but the problem remains. (See above 4 pictures, especially picture 3).

              Any thoughts, BB?

              Thank you :)

              6 and a half billion people know that they are stupid, agressive, lower life forms.

              1 Reply Last reply Reply Quote 0
              • BBcan177B
                BBcan177 Moderator
                last edited by

                Does the domain resolve to the DNSBL vip address?

                BSD:

                host -t A www.paypalobjects.com
                

                Windows:

                nslookup www.paypalobjects.com
                

                Make sure the domain is not in DNBSL:

                grep "paypalobjects" /var/unbound/pfb_dnsbl.conf
                

                hpHosts lists this domain in the (Full Feed) which is only updated once per month. So I am going to recommend to everyone to use the individual hpHost feeds instead of the Full Feed. Any False positive domains that are removed will not be removed from the Full Feed for 30 days…

                hpHosts Download site:
                https://hosts-file.net/?s=Download

                List of individual hpHost Feeds:
                https://hosts-file.net/emd.txt
                https://hosts-file.net/exp.txt
                https://hosts-file.net/fsa.txt
                https://hosts-file.net/grm.txt
                https://hosts-file.net/hfs.txt
                https://hosts-file.net/mmt.txt
                https://hosts-file.net/pha.txt
                https://hosts-file.net/psh.txt
                https://hosts-file.net/pup.txt
                https://hosts-file.net/wrz.txt

                "Experience is something you don't get until just after you need it."

                Website: http://pfBlockerNG.com
                Twitter: @BBcan177  #pfBlockerNG
                Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                1 Reply Last reply Reply Quote 0
                • U
                  u3c307
                  last edited by

                  I was getting that a few months ago, but it's been good since I added this in my custom whitelist dsnbl:

                  .www.paypal.com
                  .paypal.com # CNAME for (www.paypal.com)
                  .www.paypalobjects.com
                  .www.paypalobjects.com.akadns.net # CNAME for (www.paypalobjects.com)
                  .www.paypalobjects.com.edgekey.net # CNAME for (www.paypalobjects.com)
                  .e3691.g.akamaiedge.net # CNAME for (www.paypalobjects.com)

                  Hopes that help.

                  1 Reply Last reply Reply Quote 0
                  • R
                    Ramosel
                    last edited by

                    there are also these elements

                    t.paypal.com
                    t.paypal.com.edgekey.net # CNAME for (t.paypal.com)
                    e3694.a.akamaiedge.net # CNAME for (t.paypal.com)

                    1 Reply Last reply Reply Quote 0
                    • P
                      pfBasic Banned
                      last edited by

                      Hmmm, just paypalobjects worked for me

                      1 Reply Last reply Reply Quote 0
                      • M
                        Mr. Jingles
                        last edited by

                        @BBcan177:

                        Does the domain resolve to the DNSBL vip address?

                        BSD:

                        host -t A www.paypalobjects.com
                        

                        Windows:

                        nslookup www.paypalobjects.com
                        

                        Make sure the domain is not in DNBSL:

                        grep "paypalobjects" /var/unbound/pfb_dnsbl.conf
                        

                        hpHosts lists this domain in the (Full Feed) which is only updated once per month. So I am going to recommend to everyone to use the individual hpHost feeds instead of the Full Feed. Any False positive domains that are removed will not be removed from the Full Feed for 30 days…

                        hpHosts Download site:
                        https://hosts-file.net/?s=Download

                        List of individual hpHost Feeds:
                        https://hosts-file.net/emd.txt
                        https://hosts-file.net/exp.txt
                        https://hosts-file.net/fsa.txt
                        https://hosts-file.net/grm.txt
                        https://hosts-file.net/hfs.txt
                        https://hosts-file.net/mmt.txt
                        https://hosts-file.net/pha.txt
                        https://hosts-file.net/psh.txt
                        https://hosts-file.net/pup.txt
                        https://hosts-file.net/wrz.txt

                        Thank you BB,

                        1. Yes it resolves to 10.10.10.1
                        2.  About not being in DNSBL, the grep command gives: local-data: "www.paypalobjects.com 60 IN A 10.10.10.1"
                        3. I ll add the individual feeds.

                        6 and a half billion people know that they are stupid, agressive, lower life forms.

                        1 Reply Last reply Reply Quote 0
                        • M
                          Mr. Jingles
                          last edited by

                          Still had to report back that it was solved. Thank you BB  ;D

                          6 and a half billion people know that they are stupid, agressive, lower life forms.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.