Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Is Hiding DNSBL Alerts without Whitlisting Possible?

    pfBlockerNG
    2
    5
    421
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zskwrel last edited by

      I've been trying to find a simple solution aside from whitelisting that will either hide, or remove some of the regular blocked domains that constantly spam my pfBlockerNG alerts list. Is such a thing currently possible? Is there maybe a setting I haven't found yet to accomplish this?

      BBcan177 1 Reply Last reply Reply Quote 0
      • BBcan177
        BBcan177 Moderator @zskwrel last edited by

        @zskwrel
        In pfBlockerNG-devel, you can sinkhole a DNSBL Group to "0.0.0.0" and it will avoid the logging of these domains. There is a DNSBL disable logging option. Also recommended to set the Group order to "primary" so that it loads first before other DNSBL groups.

        This is also beneficial for domains that cause HTTPS certificate errors in the browser while browsing.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 1
        • Z
          zskwrel last edited by

          Thanks for your response. I will disable logging for that DNSBL feed for now, but it would still be nice to be able to hide/suppress individual repetitive domain alerts without bringing the hammer down on a whole feed list in case false positives are occurring but not being shown due to disabled logging of a feed.

          BBcan177 1 Reply Last reply Reply Quote 0
          • BBcan177
            BBcan177 Moderator @zskwrel last edited by

            @zskwrel

            The simple solution is to create a new DNSBL Group with logging disabled and the group order set as primary. Then add these individual domains to the custom list at the bottom of this new group.

            Run a Force Reload - DNSBL which will mark these domains with "0.0.0.0" before the other feeds take precedence.

            "Experience is something you don't get until just after you need it."

            Website: http://pfBlockerNG.com
            Twitter: @BBcan177  #pfBlockerNG
            Reddit: https://www.reddit.com/r/pfBlockerNG/new/

            1 Reply Last reply Reply Quote 1
            • Z
              zskwrel last edited by

              Oh, I see what you mean now! Thanks again.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post