Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNSBL enable/disable is independent of General disable/enable

    Scheduled Pinned Locked Moved pfBlockerNG
    3 Posts 2 Posters 621 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • QinnQ
      Qinn
      last edited by

      I did not know how to describe the subject in such a way that anyone can find it easy when running into the misconception I made, so any moderator feel free to change the subject in anyway…

      If you don't want to read all below, simple and plain; disabling pfBlockerNG in the General tab doesn't stop the DNSBL service (if you have enabled it). 
      I assumed that disabling pfBlockerNG in the General Tab would bring down all  that came with the package, but DNSBL is a service and keeps on running...

      How to…
      Today I wanted to access "github.com", but ran into the following error in FF "Secure Connection Failed" and there was no option to bypass it.  So I changed to another browser, in this case "Iceweasel" on a complete other OS (Kali), kinda same error "This connection is Untrusted" here with also no option to bypass it. Next I looked into about:config and couldn't adjust the settings to bypass it.

      Then I thought of pfBockerNG as a probale cause, so I disabled it in the General Tab, but still I could not access github.com, then I almost made the mistake of ruling out pfBlockerNG (just doing it's great work, just me too stupid of overseeing the fact that the DNSBL service was still running) as the cause.

      Next step, I took my mobile device and stopt WiFi access to the Access Point, so it switched to mobile data and suddenly access to github was back again. Now I knew it had to be pfBlockerNG, a quick look into the Alerts Tab in pfBlockerNG showed me the block and the list it came from (see attachment).

      Assumption is the mother of all f*ckups….
      Alerts.jpg
      Alerts.jpg_thumb

      Hardeware: Intel(R) Celeron(R) J4125 CPU @ 2.00GHz 102 GB mSATA SSD (ZFS)
      Firmware: Latest-stable-pfSense CE (amd64)
      Packages: pfBlockerNG devel-beta (beta tester) - Avahi - Notes - Ntopng - PIMD/udpbroadcastrelay - Service Watchdog - System Patches

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        This has been addressed in the upcoming release.

        Also Malc0de shouldn't have added Github. They don't seem to have a contact. So hard to remove those False positives upstream. You can either suppress or whitelist it.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • QinnQ
          Qinn
          last edited by

          @BBcan177:

          This has been addressed in the upcoming release.

          Also Malc0de shouldn't have added Github. They don't seem to have a contact. So hard to remove those False positives upstream. You can either suppress or whitelist it.

          Thanks for letting me know.

          Season greetings and cheers Qinn

          btw looking forward to v2.2x ;)

          Hardeware: Intel(R) Celeron(R) J4125 CPU @ 2.00GHz 102 GB mSATA SSD (ZFS)
          Firmware: Latest-stable-pfSense CE (amd64)
          Packages: pfBlockerNG devel-beta (beta tester) - Avahi - Notes - Ntopng - PIMD/udpbroadcastrelay - Service Watchdog - System Patches

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.