<![CDATA[pfBlockerNG not blocking from the LAN]]>Hello,
I am playing with pfBlockerNG (2.2.5_20), and I used the wizard to configure it.
It seems to be active and running just fine, but what is funny is that I get the expected behavior if I nslookup a site that should be on the list:

nslookup secure.quantserve.com
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:	secure.quantserve.com
Address: 10.10.10.1

But, if I try the same for anywhere in the LAN I actually can resolve the name:

nslookup  secure.quantserve.com
;; Truncated, retrying in TCP mode.
Server:		127.0.0.1
Address:	127.0.0.1#53

Non-authoritative answer:
secure.quantserve.com	canonical name = 2kpixel.quantserve.com.
2kpixel.quantserve.com	canonical name = global.px.quantserve.com.
global.px.quantserve.com	canonical name = pixel-use101-lighttpd.pixel.quantserve.net.
pixel-use101-lighttpd.pixel.quantserve.net	canonical name = internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com.
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.225
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.227
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.223
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.217
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.206
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.193
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.194
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.212

Any suggestions on what I might be doing wrong? This is the out of the box wizard config...

Thanks in advance!

]]>https://forum.netgate.com/topic/139765/pfblockerng-not-blocking-from-the-lanRSS for NodeMon, 08 Jun 2026 10:47:31 GMTSun, 20 Jan 2019 05:55:18 GMT60<![CDATA[Reply to pfBlockerNG not blocking from the LAN on Sun, 20 Jan 2019 16:58:06 GMT]]>Thanks for the reply, Johnpoz. Turns out that some of the firewalls/antiviruses in the Mac are messing with the DNS. Everything is working fine on systems that don't have that junk.

]]>https://forum.netgate.com/post/818703https://forum.netgate.com/post/818703Sun, 20 Jan 2019 16:58:06 GMT<![CDATA[Reply to pfBlockerNG not blocking from the LAN on Sun, 20 Jan 2019 16:19:01 GMT]]>Yeah looks like its pointing to local caching prob running dnsmasq locally and that is forwarding to where exactly?

]]>https://forum.netgate.com/post/818698https://forum.netgate.com/post/818698Sun, 20 Jan 2019 16:19:01 GMT<![CDATA[Reply to pfBlockerNG not blocking from the LAN on Sun, 20 Jan 2019 15:44:59 GMT]]>@apellegr said in pfBlockerNG not blocking from the LAN:

secure.quantserve.com

Actually looks like a DNS issue on the mac I am using to run the tests, somehow it's still using its own DNS setting.

]]>https://forum.netgate.com/post/818696https://forum.netgate.com/post/818696Sun, 20 Jan 2019 15:44:59 GMT