1. Home
  2. pfSense Packages
  3. pfBlockerNG
  4. DNSBL enable/disable is independent of General disable/enable

DNSBL enable/disable is independent of General disable/enable

  • Qinn

    I did not know how to describe the subject in such a way that anyone can find it easy when running into the misconception I made, so any moderator feel free to change the subject in anyway…

    If you don't want to read all below, simple and plain; disabling pfBlockerNG in the General tab doesn't stop the DNSBL service (if you have enabled it). 
    I assumed that disabling pfBlockerNG in the General Tab would bring down all  that came with the package, but DNSBL is a service and keeps on running...

    How to…
    Today I wanted to access "github.com", but ran into the following error in FF "Secure Connection Failed" and there was no option to bypass it.  So I changed to another browser, in this case "Iceweasel" on a complete other OS (Kali), kinda same error "This connection is Untrusted" here with also no option to bypass it. Next I looked into about:config and couldn't adjust the settings to bypass it.

    Then I thought of pfBockerNG as a probale cause, so I disabled it in the General Tab, but still I could not access github.com, then I almost made the mistake of ruling out pfBlockerNG (just doing it's great work, just me too stupid of overseeing the fact that the DNSBL service was still running) as the cause.

    Next step, I took my mobile device and stopt WiFi access to the Access Point, so it switched to mobile data and suddenly access to github was back again. Now I knew it had to be pfBlockerNG, a quick look into the Alerts Tab in pfBlockerNG showed me the block and the list it came from (see attachment).

    Assumption is the mother of all f*ckups….

    0
  • BBcan177
    Moderator

    This has been addressed in the upcoming release.

    Also Malc0de shouldn't have added Github. They don't seem to have a contact. So hard to remove those False positives upstream. You can either suppress or whitelist it.

    0
  • Qinn

    @BBcan177:

    This has been addressed in the upcoming release.

    Also Malc0de shouldn't have added Github. They don't seem to have a contact. So hard to remove those False positives upstream. You can either suppress or whitelist it.

    Thanks for letting me know.

    Season greetings and cheers Qinn

    btw looking forward to v2.2x ;)

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy