4. TLD blocking

TLD blocking

  • Q

    Hi there, I have removed the subnet WLANdevices subnet from the Permit Firewall Rules in the DNSBL Configuration section (did an update and reload) , yet there is still some blocking for this subnet in the Reports section. What am I not doing right (btw TLD is enabled).

    Cheers Qinn

    0_1536407783819_a03638e9-18e1-4a8a-805c-effe85c12277-image.png

    0
  • Moderator

    @qinn said in TLD blocking:

    I have removed the subnet WLANdevices subnet from the Permit Firewall Rules in the DNSBL Configuration section (did an update and reload) , yet there is still some blocking for this subnet in the Reports section.

    The DNSBL permit rule is only needed to allow subnets to hit the DNSBL VIP address to avoid browser timeouts.

    This option doesn't stop dns resolutions. If you want a subnet to bypass DNSBL, you would need to define a different DNS server for those subnets.

    There is a "views" option in Unbound that will allow for some fine tuning, but that needs to be configured manually.

    See here:

    https://forum.netgate.com/topic/129365/bypassing-dnsbl-for-specific-ips

    1
  • Q

    @BBcan177 Thanks for pointing that one out to me, I will give it a try. Maybe an idea (but of course it's all up to you) to add this one in feature releases. Thanks for your quick help and of course a great package!!

    Cheers Qinn

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy