Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    TLD blocking

    pfBlockerNG
    2
    3
    320
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Qinn
      Qinn last edited by Qinn

      Hi there, I have removed the subnet WLANdevices subnet from the Permit Firewall Rules in the DNSBL Configuration section (did an update and reload) , yet there is still some blocking for this subnet in the Reports section. What am I not doing right (btw TLD is enabled).

      Cheers Qinn

      0_1536407783819_a03638e9-18e1-4a8a-805c-effe85c12277-image.png

      Hardeware: APU2C4 16gb mSATA SSD (ZFS)
      Bios: Coreboot Mainline v4.16.0.4
      Firmware: Latest-stable-pfSense (amd64)
      Packages: pfBlockerNG devel-beta (beta tester) - Avahi - iPerf - Notes - Ntopng - PIMD/udpbroadcastrelay - Service Watchdog

      1 Reply Last reply Reply Quote 0
      • BBcan177
        BBcan177 Moderator last edited by

        @qinn said in TLD blocking:

        I have removed the subnet WLANdevices subnet from the Permit Firewall Rules in the DNSBL Configuration section (did an update and reload) , yet there is still some blocking for this subnet in the Reports section.

        The DNSBL permit rule is only needed to allow subnets to hit the DNSBL VIP address to avoid browser timeouts.

        This option doesn't stop dns resolutions. If you want a subnet to bypass DNSBL, you would need to define a different DNS server for those subnets.

        There is a "views" option in Unbound that will allow for some fine tuning, but that needs to be configured manually.

        See here:

        https://forum.netgate.com/topic/129365/bypassing-dnsbl-for-specific-ips

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 1
        • Qinn
          Qinn last edited by

          @BBcan177 Thanks for pointing that one out to me, I will give it a try. Maybe an idea (but of course it's all up to you) to add this one in feature releases. Thanks for your quick help and of course a great package!!

          Cheers Qinn

          Hardeware: APU2C4 16gb mSATA SSD (ZFS)
          Bios: Coreboot Mainline v4.16.0.4
          Firmware: Latest-stable-pfSense (amd64)
          Packages: pfBlockerNG devel-beta (beta tester) - Avahi - iPerf - Notes - Ntopng - PIMD/udpbroadcastrelay - Service Watchdog

          1 Reply Last reply Reply Quote 0
          • First post
            Last post