    pfBlockerNG not blocking from the LAN

      apellegr

      Hello,
      I am playing with pfBlockerNG (2.2.5_20), and I used the wizard to configure it.
      It seems to be active and running just fine, but what is funny is that I get the expected behavior if I nslookup a site that should be on the list:

      nslookup secure.quantserve.com
      Server:		127.0.0.1
      Address:	127.0.0.1#53
      
      Name:	secure.quantserve.com
      Address: 10.10.10.1
      

      But if I try the same from anywhere in the LAN, I actually can resolve the name:

      nslookup  secure.quantserve.com
      ;; Truncated, retrying in TCP mode.
      Server:		127.0.0.1
      Address:	127.0.0.1#53
      
      Non-authoritative answer:
      secure.quantserve.com	canonical name = 2kpixel.quantserve.com.
      2kpixel.quantserve.com	canonical name = global.px.quantserve.com.
      global.px.quantserve.com	canonical name = pixel-use101-lighttpd.pixel.quantserve.net.
      pixel-use101-lighttpd.pixel.quantserve.net	canonical name = internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com.
      Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
      Address: 192.184.68.225
      Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
      Address: 192.184.68.227
      Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
      Address: 192.184.68.223
      Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
      Address: 192.184.68.217
      Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
      Address: 192.184.68.206
      Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
      Address: 192.184.68.193
      Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
      Address: 192.184.68.194
      Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
      Address: 192.184.68.212
      

      Any suggestions on what I might be doing wrong? This is the out of the box wizard config...

      Thanks in advance!

        apellegr

        @apellegr said in pfBlockerNG not blocking from the LAN:

        secure.quantserve.com

        Actually, it looks like a DNS issue on the Mac I am using to run the tests; somehow it's still using its own DNS setting.

          johnpoz LAYER 8 Global Moderator

          Yeah, looks like it's pointing to local caching, prob running dnsmasq locally, and that is forwarding to where exactly?

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

            apellegr

            Thanks for the reply, Johnpoz. Turns out that some of the firewalls/antiviruses in the Mac are messing with the DNS. Everything is working fine on systems that don't have that junk.

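Added example, not part of the thread: a small Python check that reads BIND-style nslookup output like the two captures in the first post and reports which resolver answered and whether the answer is the DNSBL address. It assumes 10.10.10.1 (the answer shown in the first capture) is the DNSBL virtual IP; the function names and the abridged sample captures are constructed for this illustration.

```python
import ipaddress

# Assumption: the DNSBL sinkhole address is the one returned in the first
# capture of the thread. Change it if your DNSBL virtual IP differs.
DNSBL_VIP = "10.10.10.1"

def parse_nslookup(text):
    """Return the answering server and the answer addresses from nslookup output."""
    server, answers, in_answer = None, [], False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Server:"):
            server = line.split(":", 1)[1].strip()
        elif line.startswith("Name:"):
            in_answer = True  # Address lines before the first Name belong to the server
        elif line.startswith("Address:") and in_answer:
            answers.append(line.split(":", 1)[1].strip().split("#")[0])
    return {"server": server, "answers": answers}

def is_loopback(host):
    """True if the resolver address is on the local machine (127.0.0.0/8, ::1)."""
    try:
        return ipaddress.ip_address(host).is_loopback
    except (TypeError, ValueError):
        return False  # missing or printed as a hostname

def diagnose(text):
    r = parse_nslookup(text)
    r["sinkholed"] = bool(r["answers"]) and all(a == DNSBL_VIP for a in r["answers"])
    r["loopback_resolver"] = is_loopback(r["server"])
    if r["sinkholed"]:
        r["verdict"] = "blocked: answer is the DNSBL address"
    elif r["loopback_resolver"]:
        r["verdict"] = "not blocked: a resolver on this host answered; check where it forwards"
    else:
        r["verdict"] = "not blocked: %s returned real addresses" % r["server"]
    return r

# Sample captures abridged from the first post (constructed by trimming them).
ON_FIREWALL = """Server:\t\t127.0.0.1\nAddress:\t127.0.0.1#53\n
Name:\tsecure.quantserve.com\nAddress: 10.10.10.1\n"""
ON_LAN_CLIENT = """;; Truncated, retrying in TCP mode.
Server:\t\t127.0.0.1\nAddress:\t127.0.0.1#53\n
Non-authoritative answer:
secure.quantserve.com\tcanonical name = 2kpixel.quantserve.com.
Name:\tinternal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.225
Name:\tinternal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.227\n"""

if __name__ == "__main__":
    for label, capture in (("firewall", ON_FIREWALL), ("LAN client", ON_LAN_CLIENT)):
        print(label, "->", diagnose(capture)["verdict"])
```

On a LAN client, a loopback resolver combined with real addresses is the pattern the thread ends on: something local is answering DNS instead of the firewall's resolver.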