Creating a list for pfBlockerNG from uBlock's Logger
-
You can always check out the site I am making for block lists for pfSense/pfBlocker at ant-techs.is/ip-blocklists
Most everyone uses GitHub for block lists. I have started to make some lists of my own on GitHub, and it's far better than doing it on Pastebin because GitHub will show any updates to the lists and is 100% open source and free.
-
I have been scolded by Netgate support for entering FQDNs into the TLD Blacklist, though it does work.
Creating a DNSBL feed with a custom FQDN list that never needs updating will greatly reduce the overhead on Unbound's workload during the pfBlockerNG Update process.
The Unbound configuration doesn't need to know anything other than the FQDNs to ignore.
TLD Blacklist probably has to do many lookups to create the lists for Unbound.
On another issue: how do I port the pfBlockerNG config to another machine? There is zero capacity for pfBlockerNG in Backup/Restore under Diagnostics.
-
There is a sync Tab under pfBlockerNG ;)
-
You are truly a hero, Ron!
Thank you -
Hmmm, to be specific regarding Sync and my import/export dilemma
…. I need to take portions of a huge old config, port it to the new machine and then modify it. A lot of it is IPv4 ASN lookups for outbound rules.
This is more of a one-time replication of portions of an old config, which does have unknown misconfigurations in it that I don't want to propagate to the new machine.
I don't think this is going to be possible.
-
You also have the option of editing config.xml to your taste, but that's prone to error.
-
So before Locked hijacked the thread…
I was asking for thoughts on the difference between an ad being blocked by pfBlocker when using a browser and an ad not being blocked when using a Google App to access the same site. What am I overlooking as to why one is served ads and the other is blocked? Thanks.
-
My guess is the Google app is bypassing your DNS to query their servers directly.
There are instructions for blocking other DNS services, you should probably implement them.
-
Thank you for your reply. The LAN is on a VPN and should be routing through the VPN's DNS. By adding this firewall rule an ad will begin to play, then the app crashes. Interesting results. That's not what I was expecting.
-
IP6? Or it’s querying a different domain for ads…
I’d consider putting a trace on the port 53 traffic from that host to see what it’s looking for and where.
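-
The port 53 trace suggested in the last reply, sketched as an added example that is not part of the thread: it reads `tcpdump -n port 53` text output and lists which names one device asked of resolvers other than the approved one, over IPv4 and IPv6. The sample lines, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed capture in `tcpdump -n port 53` text format. All addresses and
# names are made up; 10.0.0.1 stands in for the firewall's resolver.
SAMPLE = """\
12:01:02.100001 IP 10.0.0.50.51234 > 10.0.0.1.53: 4242+ A? news.example.com. (34)
12:01:02.100900 IP 10.0.0.1.53 > 10.0.0.50.51234: 4242 1/0/0 A 192.0.2.10 (50)
12:01:03.200002 IP 10.0.0.50.40112 > 198.51.100.53.53: 911+ [1au] A? ads.example.net. (44)
12:01:03.300003 IP6 fd00::50.40113 > 2001:db8::53.53: 912+ AAAA? ads.example.net. (33)
12:01:04.400004 IP 10.0.0.77.50000 > 10.0.0.1.53: 17+ A? other.example.org. (35)
"""

# Matches query lines only (destination port 53, "TYPE? name."); replies,
# which come *from* port 53, do not match.
QUERY = re.compile(
    r"^\S+ IP6? (?P<src>\S+)\.\d+ > (?P<dst>\S+)\.53: "
    r"\d+[+%]* (?:\[[^\]]*\] )?(?P<qtype>[A-Z0-9]+)\? (?P<name>\S+)"
)


def dns_queries(lines):
    """Yield (client, resolver, qtype, name) for each DNS query line."""
    for line in lines:
        m = QUERY.match(line)
        if m:
            yield m["src"], m["dst"], m["qtype"], m["name"].rstrip(".")


def bypassing_queries(lines, client_addrs, allowed_resolvers):
    """Map each non-approved resolver to the (qtype, name) pairs sent to it."""
    found = defaultdict(set)
    for src, dst, qtype, name in dns_queries(lines):
        if src in client_addrs and dst not in allowed_resolvers:
            found[dst].add((qtype, name))
    return dict(found)


if __name__ == "__main__":
    hits = bypassing_queries(
        SAMPLE.splitlines(),
        client_addrs={"10.0.0.50", "fd00::50"},  # assumed addresses of the device
        allowed_resolvers={"10.0.0.1"},          # assumed firewall resolver
    )
    for resolver, asked in sorted(hits.items()):
        for qtype, name in sorted(asked):
            print(f"{resolver}\t{qtype}\t{name}")
```

Lookups sent over DNS-over-TLS (port 853) or DNS-over-HTTPS (port 443) do not show up in a port 53 capture, so an empty result here does not rule out a bypass.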