Netgate Discussion Forum

    TLD blocking

    pfBlockerNG
    • Qinn

      Hi there, I have removed the WLANdevices subnet from the Permit Firewall Rules in the DNSBL Configuration section (did an update and reload), yet there is still some blocking for this subnet in the Reports section. What am I not doing right? (BTW, TLD is enabled.)

      Cheers Qinn


      Hardware: Intel(R) Celeron(R) J4125 CPU @ 2.00GHz 102 GB mSATA SSD (ZFS)
      Firmware: Latest-stable-pfSense CE (amd64)
      Packages: pfBlockerNG devel-beta (beta tester) - Avahi - Notes - Ntopng - PIMD/udpbroadcastrelay - Service Watchdog - System Patches

      • BBcan177 (Moderator)

        @qinn said in TLD blocking:

        I have removed the WLANdevices subnet from the Permit Firewall Rules in the DNSBL Configuration section (did an update and reload), yet there is still some blocking for this subnet in the Reports section.

        The DNSBL permit rule is only needed to allow subnets to hit the DNSBL VIP address to avoid browser timeouts.

        This option doesn't stop DNS resolutions. If you want a subnet to bypass DNSBL, you would need to define a different DNS server for those subnets.

        There is a "views" option in Unbound that will allow for some fine tuning, but that needs to be configured manually.

        See here:

        https://forum.netgate.com/topic/129365/bypassing-dnsbl-for-specific-ips

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/
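
An added illustration of the Unbound "views" approach mentioned in the reply above (not configuration from this thread or from pfBlockerNG): clients are mapped to a view by source netblock, and only the filtered view carries blocklist entries. The subnets, view names, blocked domain and sinkhole address are constructed placeholders.

```conf
# Added example: constructed values throughout, not taken from the thread.
server:
    # Select a view per client source netblock.
    access-control-view: 192.168.10.0/24 dnsbl     # assumed LAN: filtered
    access-control-view: 192.168.20.0/24 bypass    # assumed WLANdevices: unfiltered

view:
    name: "dnsbl"
    # Blocklist entries live only in this view. One constructed entry stands
    # in for the generated list: the zone and all its subdomains resolve to
    # a placeholder sinkhole address.
    local-zone: "ads.example." redirect
    local-data: "ads.example. 60 IN A 10.10.10.1"
    # On no match in the view, fall back to the global local-zone/local-data.
    view-first: yes

view:
    name: "bypass"
    # No blocklist data here: these clients get normal recursive answers.
    view-first: yes
```

With `view-first: yes`, a view with no match falls through to the global `server:` local data, so the bypass only works if the blocklist entries are loaded in the filtered view and not globally as well.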

        • Qinn

          @BBcan177 Thanks for pointing that one out to me, I will give it a try. Maybe an idea (but of course it's all up to you) to add this one in future releases. Thanks for your quick help and of course a great package!!

          Cheers Qinn
