Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG not blocking from the LAN

    pfBlockerNG
    2
    4
    576
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      apellegr
      last edited by

      Hello,
      I am playing with pfBlockerNG (2.2.5_20), and I used the wizard to configure it.
      It seems to be active and running just fine, but what is funny is that I get the expected behavior if I nslookup a site that should be on the list:

      nslookup secure.quantserve.com
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:	secure.quantserve.com
Address: 10.10.10.1

      But, if I try the same for anywhere in the LAN I actually can resolve the name:

      nslookup  secure.quantserve.com
;; Truncated, retrying in TCP mode.
Server:		127.0.0.1
Address:	127.0.0.1#53

Non-authoritative answer:
secure.quantserve.com	canonical name = 2kpixel.quantserve.com.
2kpixel.quantserve.com	canonical name = global.px.quantserve.com.
global.px.quantserve.com	canonical name = pixel-use101-lighttpd.pixel.quantserve.net.
pixel-use101-lighttpd.pixel.quantserve.net	canonical name = internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com.
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.225
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.227
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.223
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.217
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.206
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.193
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.194
Name:	internal-pixel-use101-lighttpd-elb-1202564112.us-east-1.elb.amazonaws.com
Address: 192.184.68.212

      Any suggestions on what I might be doing wrong? This is the out of the box wizard config...

      Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • A
        apellegr
        last edited by

        @apellegr said in pfBlockerNG not blocking from the LAN:

        secure.quantserve.com

        Actually looks like a DNS issue on the mac I am using to run the tests, somehow it's still using its own DNS setting.

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          Yeah looks like its pointing to local caching prob running dnsmasq locally and that is forwarding to where exactly?

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

          1 Reply Last reply Reply Quote 0
          • A
            apellegr
            last edited by

            Thanks for the reply, Johnpoz. Turns out that some of the firewalls/antiviruses in the Mac are messing with the DNS. Everything is working fine on systems that don't have that junk.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.