Unresolvable destination alias



  • I getting these notices since upgrading to 2.4.0 from 2.3.4

    General
    
    Unresolvable destination alias 'pfB_amazonaws' for rule 'Allow Amazon AWS to WAN' @ 2017-10-18 20:49:49
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 20:49:50
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 20:49:52
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:02:28
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:02:30
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:02:32
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:03:57
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:03:58
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:04:00
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:04:50
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:04:51
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:04:53
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:15:42
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:16:52
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 21:17:47
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 22:10:16
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 22:10:17
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 22:10:20
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 22:11:21
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 22:12:23
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 22:14:50
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-18 22:16:09
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-19 00:00:01
    Unresolvable destination alias 'pfB_netflix' for rule 'Allow Netflix to WAN'	@ 2017-10-19 00:00:02
    

    My pfblockerng.log file

    Sync terminated during boot process.
    UPDATE PROCESS ENDED
    
    **Saving configuration [ 10/18/17 18:53:26 ] ...
    
    **Saving configuration [ 10/18/17 18:55:53 ] ...
    
    **Saving configuration [ 10/18/17 19:00:12 ] ...
    
    **Saving configuration [ 10/18/17 19:00:40 ] ...
    
    **Saving configuration [ 10/18/17 19:00:41 ] ...
     UPDATE PROCESS START [ 10/18/17 20:49:48 ]
    
    Clearing all DNSBL Feeds... 
    ** DNSBL Disabled **
    
    ===[  Continent Process  ]============================================
    
    [ pfB_Asia_v4 ]		 Changes found... Updating
    
    [ pfB_Europe_v4 ]	 Changes found... Updating
    
    [ pfB_NAmerica_v4 ]	 Changes found... Updating
    
    ===[  IPv4 Process  ]=================================================
    
    [ MS_spy_custom ]	 Downloading update [ 10/18/17 20:49:49 ] . completed ..
    
    [ amazonaws ]		 Downloading update .. 200 OK. completed ..
    
    [ netflix ]		 Downloading update [ 10/18/17 20:49:50 ] .. completed ..
    [ pfB_netflix netflix ] List Error ]
    
    ===[  IPv6 Process  ]=================================================
    
    ===[  Aliastables / Rules  ]================================
    
    Firewall rule changes found, applying Filter Reload
    
    ===[ FINAL Processing ]=====================================
    
       [ Original IP count   ]  [ 94011 ]
    
    ===[ Permit List IP Counts ]=========================
    
       71902 /var/db/pfblockerng/permit/pfB_NAmerica_v4.txt
    
    ===[ Deny List IP Counts ]===========================
    
       15694 total
        8745 /var/db/pfblockerng/deny/pfB_Europe_v4.txt
        6904 /var/db/pfblockerng/deny/pfB_Asia_v4.txt
          45 /var/db/pfblockerng/deny/MS_spy_custom.txt
    
    ===[ Native List IP Counts ] ===================================
    
         930 /var/db/pfblockerng/native/amazonaws.txt
    
    ====================[ Last Updated List Summary ]==============
    
    Oct 17	11:49	amazonaws
    Oct 18	20:49	pfB_Asia_v4
    Oct 18	20:49	pfB_Europe_v4
    Oct 18	20:49	pfB_NAmerica_v4
    Oct 18	20:49	MS_spy_custom
    Oct 18	20:49	netflix
    
    IPv4 alias tables IP count
    -----------------------------
    88526
    
    IPv6 alias tables IP count
    -----------------------------
    0
    
    Alias table IP Counts
    -----------------------------
       88526 total
       71902 /var/db/aliastables/pfB_NAmerica_v4.txt
        8745 /var/db/aliastables/pfB_Europe_v4.txt
        6904 /var/db/aliastables/pfB_Asia_v4.txt
         930 /var/db/aliastables/pfB_amazonaws.txt
          45 /var/db/aliastables/pfB_MS_spy.txt
    
    pfSense Table Stats
    -------------------
    table-entries hard limit  2000000
    Table Usage Count         52
    
     UPDATE PROCESS ENDED [ 10/18/17 20:49:51 ]
    
    **Saving configuration [ 10/18/17 21:02:31 ] ...
    
    **Saving configuration [ 10/18/17 21:03:59 ] ...
    
    **Saving configuration [ 10/18/17 21:04:52 ] ...
    
    **Saving configuration [ 10/18/17 22:10:18 ] ...
     CRON  PROCESS  START [ 10/19/17 00:00:00 ]
     UPDATE PROCESS START
    
    Clearing all DNSBL Feeds... 
    ** DNSBL Disabled **
    
    ===[  Continent Process  ]============================================
    
    [ pfB_Asia_v4 ]		 exists.
    [ pfB_Europe_v4 ]	 exists.
    [ pfB_NAmerica_v4 ]	 exists.
    
    ===[  IPv4 Process  ]=================================================
    
    [ MS_spy_custom ]	 exists.
    [ amazonaws ]		 exists.
    [ netflix ]		 Downloading update .. completed ..
    [ pfB_netflix netflix ] List Error ]
    
    ===[  IPv6 Process  ]=================================================
    
    ===[  Aliastables / Rules  ]================================
    
    Firewall rule changes found, applying Filter Reload
    
     UPDATE PROCESS ENDED [ 10/19/17 00:00:01 ]
    
    

    Any ideas on how to fix it?



  • Looks like it rebooted during a cron update.
    Run Force Update, then Force Reload All.



  • @RonpfS:

    Looks like it rebooted during a cron update.
    Run Force Update, then Force Reload All.

    That seems to have fixed it. Thanks



  • Oops spoke to soon still get the same type of notices.  I reinstalled 2.4.0 with the save config option and no errors during install but still getting those notices.
    here is my netflix alias

    ![netflix alias.jpg](/public/imported_attachments/1/netflix alias.jpg)
    ![netflix alias.jpg_thumb](/public/imported_attachments/1/netflix alias.jpg_thumb)



  • If you click on the  on the blue "i" infoblock
    It probably says something like (that infoblock changed in the Development version)

    Convert a Domain name or AS into its respective IP addresses.
    (ie: facebook.com or AS32934)

    With WhoIs selection you should probably remove the "https://ipinfo.io/" and use "AS2906" instead.
    It will get the IPs from builtin https://asn.cymru.com/ db lookup.
    @asn.cymru.com:

    23.246.0.0/18
    37.77.184.0/21
    45.57.0.0/17
    64.120.128.0/17
    66.197.128.0/17
    69.53.224.0/19
    108.175.32.0/20
    185.2.220.0/22
    185.9.188.0/22
    192.173.64.0/18
    198.38.96.0/19
    198.45.48.0/20
    208.75.76.0/22

    Take a look at the pfblocker log file or error log file to see what happen when that list is built.
    Also look at the Match file to see if the alias contains IPs.

    If you want to keep using "https://ipinfo.io/as2906" instead of the builtin Cymru lookup,
    @ipinfo.io:

    23.246.0.0/18
    37.77.184.0/21
    45.57.0.0/17
    64.120.144.197
    64.120.149.70
    64.120.151.214
    64.120.163.117
    64.120.168.69
    64.120.179.10
    64.120.190.163
    64.120.193.178
    64.120.194.78
    64.120.199.67
    64.120.201.222
    64.120.208.146
    64.120.208.203
    64.120.226.125
    64.120.228.98
    64.120.229.146
    64.120.245.32
    64.120.247.238
    64.120.252.58
    64.120.253.210
    66.197.132.37
    66.197.133.49
    66.197.134.158
    66.197.134.171
    66.197.144.133
    66.197.153.182
    66.197.155.53
    66.197.158.229
    66.197.159.24/31
    66.197.160.197
    66.197.161.40
    66.197.162.101
    66.197.162.102/31
    66.197.163.245
    66.197.166.96
    66.197.193.104
    66.197.193.116
    66.197.207.185
    66.197.210.149
    66.197.211.85
    66.197.213.200
    66.197.214.132
    66.197.215.165
    66.197.218.149
    66.197.221.135
    66.197.222.85
    66.197.250.197
    69.53.225.0/24
    108.175.32.0/20
    192.173.64.0/18
    198.38.96.0/19
    198.45.48.0/20

    then change WhoIs for Auto, run a force update or force reload IP and see if the Match Alias contains IPs.

    Also you might change the Update frequency to Weekly in case the ASN changes over time.



  • @RonpfS:

    If you click on the  on the blue "i" infoblock
    It probably says something like (that infoblock changed in the Development version)

    Convert a Domain name or AS into its respective IP addresses.
    (ie: facebook.com or AS32934)

    With WhoIs selection you should probably remove the "https://ipinfo.io/" and use "AS2906" instead.
    It will get the IPs from builtin https://asn.cymru.com/ db lookup.
    @asn.cymru.com:

    23.246.0.0/18
    37.77.184.0/21
    45.57.0.0/17
    64.120.128.0/17
    66.197.128.0/17
    69.53.224.0/19
    108.175.32.0/20
    185.2.220.0/22
    185.9.188.0/22
    192.173.64.0/18
    198.38.96.0/19
    198.45.48.0/20
    208.75.76.0/22

    Take a look at the pfblocker log file or error log file to see what happen when that list is built.
    Also look at the Match file to see if the alias contains IPs.

    If you want to keep using "https://ipinfo.io/as2906" instead of the builtin Cymru lookup,
    @ipinfo.io:

    23.246.0.0/18
    37.77.184.0/21
    45.57.0.0/17
    64.120.144.197
    64.120.149.70
    64.120.151.214
    64.120.163.117
    64.120.168.69
    64.120.179.10
    64.120.190.163
    64.120.193.178
    64.120.194.78
    64.120.199.67
    64.120.201.222
    64.120.208.146
    64.120.208.203
    64.120.226.125
    64.120.228.98
    64.120.229.146
    64.120.245.32
    64.120.247.238
    64.120.252.58
    64.120.253.210
    66.197.132.37
    66.197.133.49
    66.197.134.158
    66.197.134.171
    66.197.144.133
    66.197.153.182
    66.197.155.53
    66.197.158.229
    66.197.159.24/31
    66.197.160.197
    66.197.161.40
    66.197.162.101
    66.197.162.102/31
    66.197.163.245
    66.197.166.96
    66.197.193.104
    66.197.193.116
    66.197.207.185
    66.197.210.149
    66.197.211.85
    66.197.213.200
    66.197.214.132
    66.197.215.165
    66.197.218.149
    66.197.221.135
    66.197.222.85
    66.197.250.197
    69.53.225.0/24
    108.175.32.0/20
    192.173.64.0/18
    198.38.96.0/19
    198.45.48.0/20

    then change WhoIs for Auto, run a force update or force reload IP and see if the Match Alias contains IPs.

    Also you might change the Update frequency to Weekly in case the ASN changes over time.

    It seems like either solution works http://ipinfo.io/AS2906 with the auto option and AS2906 and with the whois option and updated my frequency to weekly. I went with the whois option.  Thanks for your help.  Are there any docs, links or websites you recommend for a newbie trying to learn pfBlocker?  I tried reading the stickies but it's like stepping into the middle of on ongoing converstion that's over my head and google/you tube don't help much.



  • Strange. :o
    With my version (development), Auto reads the https://ipinfo.io/as2906 fine and the listing above is from the Firewall / pfBlockerNG / Log Browser / Match files

    You can always create your own table using ipinfo.io listing, either with a local disk file or with IPv4 Custom list.

    The stickys do contain important informations about pfBlockerNG behaviour, so your are not wasting your time reading them.


Log in to reply