Not enough double u's?



  • Who can explain this one... when pfblockerng is installed and I try to run an DNS lookup on "test.com", that query returns the ip of pfblockerng DNSBL Virtual IP (10.10.10.1). However, if I query "www.test.com", then it comes up with the actual IP of that site. Sounds simple enough, just add the www. BUT, I have tried this with many different sites and I haven't found this issue with any other site so far. Leaving out the www with all other sites (that I have tried) still resolve properly. I thought this could just be a case of a misconfigured DNS zone record, maybe? But when I uninstalled pfblockerng, "test.com" would then resolve properly.
    System info and package info below.
    1_1539093274065_pfsense system info.JPG 0_1539093274065_pfsense packages.JPG


  • Moderator

    If you want to block the full domain and sub-domains, you would need to enable the TLD option which will automaticaly parse the Feeds and wildcard block all root domains that are listed in the Feeds, otherwise, its just going to block the sub-domains that are listed and nothing else...



  • @BBcan177 thanks for the quick response. I don't think I am blocking test.com, but I guess that would explain it. Maybe it is in one of my block lists and I don't even know it. Let me look into those.



  • Yup, "test.com" was in one of my lists. That explains it! pfblocker was doing its job. Thanks!