Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Source of IP block

Qinn last edited by

Hi there is there a way to find out the source (as in program) of a blocked IP address in the logs by pfblockerNG or do I need snort?

Cheers Qinn
Reply Quote 0
1 Reply Last reply
C

charvey last edited by

I would love to know this as well. I have warnings/alerts from pfblockerng for addresses that aren't in any of my lists.
Reply Quote 0
1 Reply Last reply
B

bartkowski last edited by

Using the command line, you can search for the domain in PfBlockerNG's DNSBL config:

grep "SEARCH STRING HERE" /var/unbound/pfb_dnsbl.conf

For IP, I imagine the same would work for whatever *.conf file holds that.
Reply Quote 0
1 Reply Last reply

3
Posts

310
Views

Log in to reply

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy

1 / 1