Creating a list for pfBlockerNG from uBlock's Logger

Presbuteros · Mar 27, 2018, 2:40 PM

So I have visited a site and have uBlock's Logger running. I see several items in red. I assume the red items are being blocked by uBlock.
Can I add those items into pfBlocker?
Should they go in TLD Blacklist?
Or should I create a feed and host it on a site like pastebin and put the link in DNSBL Feeds?

Thanks for your help

![ublock logger.jpg](/public/imported_attachments/1/ublock logger.jpg)
![ublock logger.jpg_thumb](/public/imported_attachments/1/ublock logger.jpg_thumb)

RonpfS · Mar 20, 2018, 9:35 PM

Ublock Originin probably use some of the same DNSBL blocklists as pfBlockerNG

Presbuteros · Mar 21, 2018, 7:19 AM

Ron, thanks for responding and taking the time to post a screen. I see now what you are referring to.
I have the clients behind pfSense and pfBlocker enabled with all the DNSBL categories selected. Adblocking is effectively working on many other sites thanks to pfBlocker.

I'm curious though why I am seeing a difference between visiting the site through a browser (ie. Firefox) and not seeing ads and using the Google App to load the site and it serves ads. Any thoughts on this difference and what I could do to block ads at the app level too?

anttechs · Mar 21, 2018, 1:45 PM

You can always check out my site I am making for block lists for PfSense/PfBlocker at ant-techs.is/ip-blocklists

Most of everyone uses Github to do block lists as I have started to make some lists of my own on Github and its far better than doing it on pastebin because Github will show any updates to the lists and 100% open source free.

Guest · Mar 21, 2018, 4:59 PM

I have been scolded by Netgate support for entering FQDNs into the TLD Blacklist - though it does work

Creating a DNSBL feed with custom a FQDNs list that never needs updating will greatly reduce the overhead on Unbounds workload during the pfBlockerNG Update process.

The unbound configuration doesn't need to know anything other than the FQDNs to ignore.

TLD Blacklist probably has to do many lookups to create the lists for Unbound

On another issue - how do I port pfBlockerNG config to another machine - there is zero capacity for pfBlockerNG in Backup/Restore under Diagnostics

RonpfS · Mar 21, 2018, 5:02 PM

There is a sync Tab under pfBlockerNG ;)

Guest · Mar 21, 2018, 5:05 PM

You are truly a hero Ron !
Thank you

Guest · Mar 21, 2018, 5:16 PM

Hmmm to be specific regarding Sync and my import export dilemma

…. I need to take portions of a huge Old config, port it to the new machine and then modify it. A lot of it is IPv4 ASN lookups for outbound rules

This is more of a one time replication of portions of an old config, which does have unknown misconfigurations in it that I dont want to propagate to the new machine.

I dont think this going to be possible

RonpfS · Mar 21, 2018, 5:21 PM

You also have the option of editing config.xml to your taste, but that's prone to error.

Presbuteros · Mar 23, 2018, 12:10 PM

So before Locked hi-jacked the thread…

I was asking for thoughts on the difference between an ad being blocked by pfBlocker when using a browser and an ad not being blocked when using a Google App to access the same site. What am I overlooking as to why one is served ads and the other is blocked? Thanks.

motific · Mar 26, 2018, 7:46 PM

My guess is the google app is bypassing your DNS to query their servers directly.

There are instructions for blocking other DNS services, you should probably implement them.

Presbuteros · Mar 27, 2018, 2:40 PM

Thank you for your reply. The LAN is on a VPN and should be routing through the VPN's DNS. By adding this firewall rule an ad will begin to play, then the app crashes. Interesting results. That's not what I was expecting.

motific · Apr 8, 2018, 6:14 PM

IP6? Or it’s querying a different domain for ads…

I’d consider putting a trace on the port 53 traffic from that host to see what it’s looking for and where.