Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    DNSBL enable/disable is independent of General disable/enable

    pfBlockerNG
    2
    3
    501
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Qinn
      Qinn last edited by

      I did not know how to describe the subject in such a way that anyone can find it easy when running into the misconception I made, so any moderator feel free to change the subject in anyway…

      If you don't want to read all below, simple and plain; disabling pfBlockerNG in the General tab doesn't stop the DNSBL service (if you have enabled it). 
      I assumed that disabling pfBlockerNG in the General Tab would bring down all  that came with the package, but DNSBL is a service and keeps on running...

      How to…
      Today I wanted to access "github.com", but ran into the following error in FF "Secure Connection Failed" and there was no option to bypass it.  So I changed to another browser, in this case "Iceweasel" on a complete other OS (Kali), kinda same error "This connection is Untrusted" here with also no option to bypass it. Next I looked into about:config and couldn't adjust the settings to bypass it.

      Then I thought of pfBockerNG as a probale cause, so I disabled it in the General Tab, but still I could not access github.com, then I almost made the mistake of ruling out pfBlockerNG (just doing it's great work, just me too stupid of overseeing the fact that the DNSBL service was still running) as the cause.

      Next step, I took my mobile device and stopt WiFi access to the Access Point, so it switched to mobile data and suddenly access to github was back again. Now I knew it had to be pfBlockerNG, a quick look into the Alerts Tab in pfBlockerNG showed me the block and the list it came from (see attachment).

      Assumption is the mother of all f*ckups….

      Hardeware: APU2C4 16gb mSATA SSD (ZFS)
      Bios: Coreboot Mainline v4.19.0.1
      Firmware: Latest-stable-pfSense (amd64)
      Packages: pfBlockerNG devel-beta (beta tester) - Avahi - iPerf - Notes - Ntopng - PIMD/udpbroadcastrelay - Service Watchdog

      1 Reply Last reply Reply Quote 0
      • BBcan177
        BBcan177 Moderator last edited by

        This has been addressed in the upcoming release.

        Also Malc0de shouldn't have added Github. They don't seem to have a contact. So hard to remove those False positives upstream. You can either suppress or whitelist it.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • Qinn
          Qinn last edited by

          @BBcan177:

          This has been addressed in the upcoming release.

          Also Malc0de shouldn't have added Github. They don't seem to have a contact. So hard to remove those False positives upstream. You can either suppress or whitelist it.

          Thanks for letting me know.

          Season greetings and cheers Qinn

          btw looking forward to v2.2x ;)

          Hardeware: APU2C4 16gb mSATA SSD (ZFS)
          Bios: Coreboot Mainline v4.19.0.1
          Firmware: Latest-stable-pfSense (amd64)
          Packages: pfBlockerNG devel-beta (beta tester) - Avahi - iPerf - Notes - Ntopng - PIMD/udpbroadcastrelay - Service Watchdog

          1 Reply Last reply Reply Quote 0
          • First post
            Last post