1. Home
  2. pfSense Packages
  3. pfBlockerNG
  4. PfblockerNG breaks host override

PfblockerNG breaks host override

  • L

    I have pfBlockerNG-devel 2.2.5_21 and latest version of pfsense.

    My issue is described here https://forum.netgate.com/topic/140021/dns-resolver-host-override-not-working/10

    Basically with pfblockerng host override function doesn't work well, it works for a while 15 20 mins but after that is doesn't resolver anymore the local IP. If I disable pfblockerng everything works fine

    0
  • RonpfS

    Do you get any DNSBL Block alerts about duckdns.org ?
    Did you inspect the pfblockerNG.log during a Force Reload All or during a Cron Update?

    0 L 1 Reply
  • L

    @ronpfs said in PfblockerNG breaks host override:

    Do you get any DNSBL Block alerts about duckdns.org ?
    Did you inspect the pfblockerNG.log during a Force Reload All or during a Cron Update?

    No, duckdns is not being blocked
    I reviewed the log and everything looked normal, should I look for something in particular?
    What I can check is if the host override always stop working after a force reload or a cron update.

    Beside if there is something else I can do to help you to find a solution let me know. What I can tell you is that this was working properly in the previous pfblockerng version, I think it was after the last update when the host override started to fail

    0
  • RonpfS

    @l0rdraiden said in PfblockerNG breaks host override:

    2.2.5_21 and latest version of pfsense.

    Maybe post your log, the DNSBL configuration, do some shell cmd like
    nslookup, dig, host, drill to figure out what's happening.

    Does a

    unbound-control -c /var/unbound/unbound.conf reload

    after a Cron Update or Force reload DNSBL give you the correct behaviour?

    0 L 1 Reply
  • L

    @ronpfs said in PfblockerNG breaks host override:

    @l0rdraiden said in PfblockerNG breaks host override:

    2.2.5_21 and latest version of pfsense.

    Maybe post your log, the DNSBL configuration, do some shell cmd like
    nslookup, dig, host, drill to figure out what's happening.

    Does a

    unbound-control -c /var/unbound/unbound.conf reload

    after a Cron Update or Force reload DNSBL give you the correct behaviour?

    So I have enable pfblockerNG dnsbl, pfsense was still resolving the local IP Address, then I have forced a cron update and after the cron update is stopped working

    0_1548837053131_73ebd44a-085f-4e79-a380-d2730fb08d58-imagen.png

    This is the log
    ===group

    ``` CRON  PROCESS  START [ 01/30/19 09:24:36 ]
[ Abuse_Feodo_C2_Agr_v4 ]
  Remote timestamp: Wed, 30 Jan 2019 08:15:04 GMT
  Local  timestamp: Wed, 30 Jan 2019 07:55:04 GMT	Update found
[ Abuse_IPBL_v4 ]
  Remote timestamp: Wed, 30 Jan 2019 08:20:02 GMT
  Local  timestamp: Wed, 30 Jan 2019 08:00:02 GMT	Update found
[ Abuse_SSLBL_Agr_v4 ]
  Remote timestamp: Wed, 30 Jan 2019 08:21:41 GMT
  Local  timestamp: Wed, 30 Jan 2019 08:01:20 GMT	Update found
[ Abuse_Zeus_Agr_v4 ] [ 01/30/19 09:24:37 ]
  Remote timestamp: Mon, 21 Jan 2019 20:30:02 GMT
  Local  timestamp: Mon, 21 Jan 2019 20:30:02 GMT	Update not required
[ BBC_C2_Agr_v4 ]
  Remote timestamp: Wed, 30 Jan 2019 08:11:20 GMT
  Local  timestamp: Wed, 30 Jan 2019 07:12:29 GMT	Update found
[ CINS_army_v4 ] [ 01/30/19 09:24:38 ]
  Remote timestamp: Wed, 30 Jan 2019 07:45:42 GMT
  Local  timestamp: Wed, 30 Jan 2019 07:45:42 GMT	Update not required
[ ET_Comp_v4 ]
  Remote timestamp: Tue, 29 Jan 2019 05:29:58 GMT
  Local  timestamp: Tue, 29 Jan 2019 05:29:58 GMT	Update not required
[ ISC_1000_1_v4 ] [ 01/30/19 09:24:39 ]
				( md5 feed )		. 200 OK
				( md5 unchanged )	Update not required
[ ISC_Block_v4 ] [ 01/30/19 09:24:45 ]
  Remote timestamp: Wed, 30 Jan 2019 08:15:27 GMT
  Local  timestamp: Wed, 30 Jan 2019 08:00:39 GMT	Update found
[ Talos_BL_v4 ] [ 01/30/19 09:24:46 ]
				( md5 feed )		. 200 OK
				( md5 unchanged )	Update not required
[ Alienvault_v4 ] [ 01/30/19 09:24:48 ]
  Remote timestamp: Wed, 30 Jan 2019 08:17:46 GMT
  Local  timestamp: Wed, 30 Jan 2019 07:46:28 GMT	Update found
[ GreenSnow_v4 ] [ 01/30/19 09:24:49 ]
  Remote timestamp: Wed, 30 Jan 2019 08:24:48 GMT
  Local  timestamp: Wed, 30 Jan 2019 08:01:52 GMT	Update found
[ MDL_v4 ] [ 01/30/19 09:24:50 ]
  Remote timestamp: Tue, 25 Dec 2018 10:48:29 GMT
  Local  timestamp: Tue, 25 Dec 2018 10:48:29 GMT	Update not required
[ BadIPs_1d_v4 ] [ 01/30/19 09:24:51 ]
				( md5 feed )		. 200 OK
				( md5 changed )		Update found
[ BDS_Ban_v4 ] [ 01/30/19 09:24:52 ]
  Remote timestamp: Wed, 30 Jan 2019 08:00:10 GMT
  Local  timestamp: Wed, 30 Jan 2019 08:00:10 GMT	Update not required
[ ATK_NORM_v4 ]
  Remote timestamp: Wed, 30 Jan 2019 05:14:30 GMT
  Local  timestamp: Wed, 30 Jan 2019 05:14:30 GMT	Update not required
[ TORPrj_EN_v4 ] [ 01/30/19 09:24:53 ]
  Remote timestamp: Wed, 30 Jan 2019 08:07:55 GMT
  Local  timestamp: Wed, 30 Jan 2019 07:11:39 GMT	Update found
[ DMe_TOR_EN_v4 ]
  Remote timestamp: Wed, 30 Jan 2019 08:01:13 GMT
  Local  timestamp: Wed, 30 Jan 2019 08:01:13 GMT	Update not required
[ EasyList ] [ 01/30/19 09:24:55 ]
  Remote timestamp: Wed, 30 Jan 2019 08:11:21 GMT
  Local  timestamp: Tue, 29 Jan 2019 11:51:21 GMT	Update found
[ EasyPrivacy ] [ 01/30/19 09:24:56 ]
  Remote timestamp: Wed, 30 Jan 2019 08:12:13 GMT
  Local  timestamp: Tue, 29 Jan 2019 11:42:15 GMT	Update found
[ EasyList_Spanish ]
  Remote timestamp: Wed, 30 Jan 2019 08:12:10 GMT
  Local  timestamp: Tue, 29 Jan 2019 11:42:11 GMT	Update found
[ Adaway ]
  Remote timestamp: Sat, 20 Jan 2018 18:32:43 GMT
  Local  timestamp: Sat, 20 Jan 2018 18:32:43 GMT	Update not required
[ Adguard ] [ 01/30/19 09:24:57 ]
  Remote timestamp: Wed, 30 Jan 2019 07:57:36 GMT
  Local  timestamp: Tue, 29 Jan 2019 07:57:40 GMT	Update found
[ Cameleon ]
  Remote timestamp: Sun, 18 Mar 2018 09:51:53 GMT
  Local  timestamp: Sun, 18 Mar 2018 09:51:53 GMT	Update not required
[ D_Me_ADs ] [ 01/30/19 09:24:58 ]
  Remote timestamp: Wed, 09 Mar 2016 19:46:05 GMT
  Local  timestamp: Wed, 09 Mar 2016 19:46:05 GMT	Update not required
[ D_Me_Tracking ] [ 01/30/19 09:24:59 ]
  Remote timestamp: Fri, 31 Jul 2015 19:01:02 GMT
  Local  timestamp: Fri, 31 Jul 2015 19:01:02 GMT	Update not required
[ EasyList2 ]
  Remote timestamp: Wed, 30 Jan 2019 07:57:36 GMT
  Local  timestamp: Tue, 29 Jan 2019 07:57:40 GMT	Update found
[ EasyPrivacy2 ] [ 01/30/19 09:25:00 ]
  Remote timestamp: Wed, 30 Jan 2019 07:57:36 GMT
  Local  timestamp: Tue, 29 Jan 2019 07:57:40 GMT	Update found
[ hpHosts_ATS ]
  Remote timestamp: Tue, 15 Jan 2019 01:48:14 GMT
  Local  timestamp: Tue, 15 Jan 2019 01:48:14 GMT	Update not required
[ Lightswitch ] [ 01/30/19 09:25:01 ]
				( md5 feed )		. 200 OK
				( md5 changed )		Update found
[ SBL_ADs ]
  Remote timestamp: Tue, 29 Jan 2019 16:14:19 GMT
  Local  timestamp: Mon, 28 Jan 2019 18:41:02 GMT	Update found
[ Yoyo ] [ 01/30/19 09:25:02 ]
  Remote timestamp: Wed, 23 Jan 2019 15:34:01 GMT
  Local  timestamp: Wed, 23 Jan 2019 15:34:01 GMT	Update not required
[ Abuse_DOMBL ] [ 01/30/19 09:25:03 ]
  Remote timestamp: Wed, 30 Jan 2019 08:20:02 GMT
  Local  timestamp: Tue, 29 Jan 2019 11:55:02 GMT	Update found
[ Abuse_URLBL ]
  Remote timestamp: Wed, 30 Jan 2019 08:20:02 GMT
  Local  timestamp: Tue, 29 Jan 2019 12:00:02 GMT	Update found
[ Abuse_Zeus_BD ]
				( md5 feed )		. 200 OK
				( md5 unchanged )	Update not required
[ BBC_DC2_Agr ]
  Remote timestamp: Wed, 30 Jan 2019 08:11:20 GMT
  Local  timestamp: Tue, 29 Jan 2019 11:11:08 GMT	Update found
[ D_Me_Malv ] [ 01/30/19 09:25:04 ]
  Remote timestamp: Wed, 30 Jan 2019 08:21:05 GMT
  Local  timestamp: Tue, 29 Jan 2019 11:22:28 GMT	Update found
[ D_Me_Malw ]
  Remote timestamp: Wed, 30 Jan 2019 08:21:04 GMT
  Local  timestamp: Tue, 29 Jan 2019 11:22:28 GMT	Update found
[ hpHosts_EMD ] [ 01/30/19 09:25:05 ]
  Remote timestamp: Tue, 29 Jan 2019 15:21:25 GMT
  Local  timestamp: Mon, 28 Jan 2019 19:29:08 GMT	Update found
[ hpHosts_EXP ]
  Remote timestamp: Fri, 25 May 2018 08:53:15 GMT
  Local  timestamp: Fri, 25 May 2018 08:53:15 GMT	Update not required
[ hpHosts_HJK ] [ 01/30/19 09:25:06 ]
  Remote timestamp: Thu, 01 Nov 2018 19:57:56 GMT
  Local  timestamp: Thu, 01 Nov 2018 19:57:56 GMT	Update not required
[ MDL ] [ 01/30/19 09:25:07 ]
  Remote timestamp: Tue, 25 Dec 2018 10:48:27 GMT
  Local  timestamp: Tue, 25 Dec 2018 10:48:27 GMT	Update not required
[ MDS ]
  Remote timestamp: Mon, 28 Jan 2019 22:53:49 GMT
  Local  timestamp: Mon, 28 Jan 2019 22:53:49 GMT	Update not required
[ SWC ] [ 01/30/19 09:25:11 ]
  Remote timestamp: Wed, 30 Jan 2019 02:36:56 GMT
  Local  timestamp: Fri, 25 Jan 2019 08:18:53 GMT	Update found
[ hpHosts_PSH ] [ 01/30/19 09:25:12 ]
  Remote timestamp: Tue, 29 Jan 2019 23:58:29 GMT
  Local  timestamp: Tue, 29 Jan 2019 00:03:18 GMT	Update found
[ OpenPhish ] [ 01/30/19 09:25:13 ]
  Remote timestamp: Wed, 30 Jan 2019 08:00:04 GMT
  Local  timestamp: Tue, 29 Jan 2019 11:00:04 GMT	Update found
[ CoinBlocker_All ]
  Remote timestamp: Wed, 30 Jan 2019 05:30:37 GMT
  Local  timestamp: Wed, 16 Jan 2019 18:47:32 GMT	Update found
 UPDATE PROCESS START [ 01/30/19 09:25:14 ]

===[  DNSBL Process  ]================================================

 Loading DNSBL Statistics... completed
 Loading DNSBL Whitelist... completed

[ EasyList ]			 Downloading update .. 200 OK.
  Whitelist: affiliationjs.s3.amazonaws.com|airpushmarketing.s3.amazonaws.com|blamads-assets.s3.amazonaws.com|epowernetworktrackerimages.s3.amazonaws.com|gateways.s3.amazonaws.com|gfaf-banners.s3.amazonaws.com|kbnetworkz.s3.amazonaws.com|leaddyno-client-images.s3.amazonaws.com|secretmedia.s3.amazonaws.com|smblock.s3.amazonaws.com|stuff-nzwhistleout.s3.amazonaws.com|whistleout.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  907      907        0          12         0          895                  
  ----------------------------------------------------------------------

[ EasyPrivacy ]			 Downloading update [ 01/30/19 09:25:16 ] .. 200 OK.
  Whitelist: analyticsengine.s3.amazonaws.com|cadreon.s3.amazonaws.com|chartaca.com.s3.amazonaws.com|d303e3cdddb4ded4b6ff495a7b496ed5.s3.amazonaws.com|gtrk.s3.amazonaws.com|immassets.s3.amazonaws.com|magnify360-cdn.s3.amazonaws.com|rich-agent.s3.amazonaws.com|s3-tracking.synthasite.net.s3.amazonaws.com|sana.newsinc.com.s3.amazonaws.com|thetradedesk-tags.s3.amazonaws.com|tree-pixel-log.s3.amazonaws.com|wp-stat.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  2598     2597       1          13         0          2583                 
  ----------------------------------------------------------------------

[ EasyList_Spanish ]		 Downloading update [ 01/30/19 09:25:17 ] .. 200 OK.
  Whitelist: bannersweb.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  8        8          1          1          0          6                    
  ----------------------------------------------------------------------

[ Adaway ]			 exists. [ 01/30/19 09:25:19 ]
[ Adguard ]			 Downloading update .. 200 OK.
  Whitelist: ad-arata.s3.amazonaws.com|admarvel.s3.amazonaws.com|adpublisher.s3.amazonaws.com|analyticsengine.s3.amazonaws.com|cadreon.s3.amazonaws.com|chartaca.com.s3.amazonaws.com|d303e3cdddb4ded4b6ff495a7b496ed5.s3.amazonaws.com|demandmedia.s3.amazonaws.com|ecommstats.s3.amazonaws.com|entrecard.s3.amazonaws.com|gtrk.s3.amazonaws.com|inpref.s3.amazonaws.com|loved-by.s3.amazonaws.com|ltassrv.com.s3.amazonaws.com|magnify360-cdn.s3.amazonaws.com|nativead.s3.amazonaws.com|rich-agent.s3.amazonaws.com|s3-tracking.synthasite.net.s3.amazonaws.com|sana.newsinc.com.s3.amazonaws.com|thetradedesk-tags.s3.amazonaws.com|tree-pixel-log.s3.amazonaws.com|um-public-panel-prod.s3.amazonaws.com|wp-stat.s3.amazonaws.com|yc-ads.s3.amazonaws.com|yieldmo-builds.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  25486    25486      2242       25         0          23219                
  ----------------------------------------------------------------------

[ Cameleon ]			 exists. [ 01/30/19 09:25:20 ]
[ D_Me_ADs ]			 exists.
[ D_Me_Tracking ]		 exists.
[ EasyList2 ]			 Downloading update .. 200 OK.
  Whitelist: affilate-img-affasi.s3.amazonaws.com|affiliationjs.s3.amazonaws.com|airpushmarketing.s3.amazonaws.com|blamads-assets.s3.amazonaws.com|bo-videos.s3.amazonaws.com|entrecard.s3.amazonaws.com|epowernetworktrackerimages.s3.amazonaws.com|gateways.s3.amazonaws.com|gfaf-banners.s3.amazonaws.com|kbnetworkz.s3.amazonaws.com|leaddyno-client-images.s3.amazonaws.com|ltassrv.com.s3.amazonaws.com|news-whistleout.s3.amazonaws.com|secretmedia.s3.amazonaws.com|smblock.s3.amazonaws.com|strikeadcdn.s3.amazonaws.com|stuff-nzwhistleout.s3.amazonaws.com|whistleout.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  17087    17039      13076      18         0          3945                 
  ----------------------------------------------------------------------

[ EasyPrivacy2 ]		 Downloading update [ 01/30/19 09:25:21 ] .. 200 OK.
  Whitelist: analyticsengine.s3.amazonaws.com|cadreon.s3.amazonaws.com|chartaca.com.s3.amazonaws.com|d303e3cdddb4ded4b6ff495a7b496ed5.s3.amazonaws.com|demandmedia.s3.amazonaws.com|ecommstats.s3.amazonaws.com|gtrk.s3.amazonaws.com|immassets.s3.amazonaws.com|magnify360-cdn.s3.amazonaws.com|rich-agent.s3.amazonaws.com|s3-tracking.synthasite.net.s3.amazonaws.com|sana.newsinc.com.s3.amazonaws.com|thetradedesk-tags.s3.amazonaws.com|tree-pixel-log.s3.amazonaws.com|wp-stat.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  6450     6442       6377       15         0          50                   
  ----------------------------------------------------------------------

[ hpHosts_ATS ]			 exists. [ 01/30/19 09:25:23 ]
[ Lightswitch ]			 Downloading update . ( md5 feed ) .
  Whitelist: aax-eu.amazon-adsystem.com|anvato-api-config.s3.amazonaws.com|btf-analytics.s3.amazonaws.com|device-fingerprintdb-v1.s3.amazonaws.com|tor-sponsored-posts.s3.amazonaws.com|whatcounts_saas.s3.amazonaws.com|wpad.localdomain|www.anvato-api-config.s3.amazonaws.com|www.btf-analytics.s3.amazonaws.com|www.device-fingerprintdb-v1.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  32706    32706      1960       10         0          30736                
  ----------------------------------------------------------------------

[ SBL_ADs ]			 Downloading update [ 01/30/19 09:25:24 ] .. 200 OK.
  Whitelist: admarvel.s3.amazonaws.com|ads5.iphone.s3.amazonaws.com|adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|entrecard.s3.amazonaws.com|interactive-assets.s3.amazonaws.com|ltassrv.com.s3.amazonaws.com|yab-adimages.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  4417     4417       3942       8          0          467                  
  ----------------------------------------------------------------------

[ Yoyo ]			 exists. [ 01/30/19 09:25:25 ]
[ Abuse_DOMBL ]			 Downloading update [ 01/30/19 09:25:26 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  1903     1903       0          0          0          1903                 
  ----------------------------------------------------------------------

[ Abuse_URLBL ]			 Downloading update [ 01/30/19 09:25:27 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  11494    7744       3          0          0          7741                 
  ----------------------------------------------------------------------

[ Abuse_Zeus_BD ]		 exists. [ 01/30/19 09:25:28 ]
[ BBC_DC2_Agr ]			 Downloading update .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  742      741        9          0          0          732                  
  ----------------------------------------------------------------------

[ D_Me_Malv ]			 Downloading update [ 01/30/19 09:25:29 ] .. 200 OK.
  Whitelist: admarvel.s3.amazonaws.com|adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|entrecard.s3.amazonaws.com|interactive-assets.s3.amazonaws.com|yab-adimages.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  2816     2816       2730       6          0          80                   
  ----------------------------------------------------------------------

[ D_Me_Malw ]			 Downloading update [ 01/30/19 09:25:31 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  80       80         80         0          0          0                    
  ----------------------------------------------------------------------

[ hpHosts_EMD ]			 Downloading update [ 01/30/19 09:25:32 ] .. 200 OK.
  Whitelist: microsoft.track11.s3.amazonaws.com|security.threats122.s3.amazonaws.com|stalkerxx.s3.amazonaws.com|ts-prod-assets.tripleseat.com.s3.amazonaws.com|winalert.s3.amazonaws.com|windowserror3.s3.amazonaws.com|www.microsoft.track11.s3.amazonaws.com|www.security.threats122.s3.amazonaws.com|www.ts-prod-assets.tripleseat.com.s3.amazonaws.com|www.winalert.s3.amazonaws.com|www.windowserror3.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  236881   236857     6575       11         0          230271               
  ----------------------------------------------------------------------

[ hpHosts_EXP ]			 exists. [ 01/30/19 09:25:41 ]
[ hpHosts_HJK ]			 exists.
[ MDL ]				 exists.
[ MDS ]				 exists.
[ SWC ]				 Downloading update .. 200 OK
  IDN converted: [ secret.ɢoogle.com ]	 [ secret.xn--oogle-wmc.com ].
  Whitelist: adagiobanner.s3.amazonaws.com|localhost.localdomain|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  14110    14100      4455       2          0          9643                 
  ----------------------------------------------------------------------

[ hpHosts_PSH ]			 Downloading update [ 01/30/19 09:25:45 ] .. 200 OK
  IDN converted: [ bireysel-zîraat.com ]	 [ xn--bireysel-zraat-pmb.com ]
  IDN converted: [ www.hualañe.cl ]	 [ www.xn--hualae-0wa.cl ].
  Whitelist: buffer-media-uploads.s3.amazonaws.com|dk-media.s3.amazonaws.com|www.dk-media.s3.amazonaws.com|
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  168894   168888     5672       3          0          163213               
  ----------------------------------------------------------------------

[ OpenPhish ]			 Downloading update [ 01/30/19 09:25:52 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  2036     823        404        0          0          419                  
  ----------------------------------------------------------------------

[ CoinBlocker_All ]		 Downloading update [ 01/30/19 09:25:54 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  15819    15819      809        0          0          15010                
  ----------------------------------------------------------------------

Saving DNSBL database... completed

------------------------------------------------------------------------
Assembling DNSBL database... completed [ 01/30/19 09:25:59 ]
Resolver Live Sync analysis... completed [ 01/30/19 09:26:01 ]
Resolver Live Sync finalizing:
	Remove local-zone(s):		no changes
	Remove local-data(s):		removed 167 datas
	Add local-zone(s):		added 889 zones
	Add local-data(s):		added 889 datas
Resolver Live Sync... completed [ 01/30/19 09:26:03 ]
DNSBL update [ 576817 | PASSED  ]... completed

DNSBL DEBUG.[ Data(s): 576817	Zone(s): 0 | 01/30/19 09:26:06 ]
------------------------------------------------------------------------

===[  GeoIP Process  ]============================================

[ pfB_Europe_v4 ]		 exists.

===[  IPv4 Process  ]=================================================

[ Abuse_Feodo_C2_Agr_v4 ]	 Downloading update .. 200 OK. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  3359     3349       
  ------------------
  ------------------------------
  Original Master     Final     
  ------------------------------
  3359     3347       3347        [ Pass ] 
  -----------------------------------------------------------------

[ Abuse_IPBL_v4 ]		 Downloading update [ 01/30/19 09:26:07 ] .. 200 OK. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  316      314        
  ------------------
  ------------------------------
  Original Master     Final     
  ------------------------------
  316      314        314         [ Pass ] 
  -----------------------------------------------------------------

[ Abuse_SSLBL_Agr_v4 ]		 Downloading update .. 200 OK. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  4578     4292       
  ------------------
  ------------------------------
  Original Master     Final     
  ------------------------------
  4578     4286       4286        [ Pass ] 
  -----------------------------------------------------------------

[ Abuse_Zeus_Agr_v4 ]		 exists. [ 01/30/19 09:26:08 ]
[ BBC_C2_Agr_v4 ]		 Downloading update .. 200 OK. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  540      441        
  ------------------
  ------------------------------
  Original Master     Final     
  ------------------------------
  540      439        439         [ Pass ] 
  -----------------------------------------------------------------

[ CINS_army_v4 ]		 exists. [ 01/30/19 09:26:09 ]
[ ET_Comp_v4 ]			 exists.
[ ISC_1000_1_v4 ]		 exists.
[ ISC_Block_v4 ]		 Downloading update .. 200 OK. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  40       18         
  ------------------
  ------------------------------
  Original Master     Final     
  ------------------------------
  21       18         18          [ Pass ] 
  -----------------------------------------------------------------

[ Talos_BL_v4 ]			 exists. [ 01/30/19 09:26:10 ]
[ Alienvault_v4 ]		 Downloading update .. 200 OK.. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  79553    77045      
  ------------------
  ------------------------------
  Original Master     Final     
  ------------------------------
  79553    75751      75751       [ Pass ] 
  -----------------------------------------------------------------

[ GreenSnow_v4 ]		 Downloading update [ 01/30/19 09:26:12 ] .. 200 OK. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  2723     2651       
  ------------------
  ------------------------------
  Original Master     Final     
  ------------------------------
  2723     2023       2023        [ Pass ] 
  -----------------------------------------------------------------

[ MDL_v4 ]			 exists. [ 01/30/19 09:26:13 ]
[ BadIPs_1d_v4 ]		 Downloading update . ( md5 feed ) . completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  2575     2508       
  ------------------
  ------------------------------
  Original Master     Final     
  ------------------------------
  2575     2173       2173        [ Pass ] 
  -----------------------------------------------------------------

[ BDS_Ban_v4 ]			 exists.
[ ATK_NORM_v4 ]			 exists.
[ TORPrj_EN_v4 ]		 Downloading update .. 200 OK. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  890      771        
  ------------------
  ------------------------------
  Original Master     Final     
  ------------------------------
  890      36         36          [ Pass ] 
  -----------------------------------------------------------------

[ DMe_TOR_EN_v4 ]		 exists. [ 01/30/19 09:26:14 ]

===[  Aliastables / Rules  ]==========================================

No changes to Firewall rules, skipping Filter Reload

 Updating: pfB_PRI1_v4
2 addresses added.2 addresses deleted.
 Updating: pfB_PRI2_v4
13 addresses added.4 addresses deleted.
 Updating: pfB_PRI3_v4
15 addresses added.15 addresses deleted.
 Updating: pfB_PRI4_v4
2 addresses added.
 Updating: pfB_TOR_v4
2 addresses added.

===[ FINAL Processing ]=====================================

   [ Original IP count   ]  [ 139536 ]

   [ Final IP Count  ]  [ 97709 ]


===[ Permit List IP Counts ]=========================

    5435 /var/db/pfblockerng/permit/pfB_Europe_v4.txt

===[ Deny List IP Counts ]===========================

   97709 total
   75751 /var/db/pfblockerng/deny/Alienvault_v4.txt
    4286 /var/db/pfblockerng/deny/Abuse_SSLBL_Agr_v4.txt
    3347 /var/db/pfblockerng/deny/Abuse_Feodo_C2_Agr_v4.txt
    2780 /var/db/pfblockerng/deny/BDS_Ban_v4.txt
    2173 /var/db/pfblockerng/deny/BadIPs_1d_v4.txt
    2023 /var/db/pfblockerng/deny/GreenSnow_v4.txt
    1772 /var/db/pfblockerng/deny/ATK_NORM_v4.txt
    1233 /var/db/pfblockerng/deny/Talos_BL_v4.txt
    1135 /var/db/pfblockerng/deny/ET_Comp_v4.txt
     965 /var/db/pfblockerng/deny/MDL_v4.txt
     780 /var/db/pfblockerng/deny/CINS_army_v4.txt
     468 /var/db/pfblockerng/deny/ISC_1000_1_v4.txt
     439 /var/db/pfblockerng/deny/BBC_C2_Agr_v4.txt
     314 /var/db/pfblockerng/deny/Abuse_IPBL_v4.txt
     112 /var/db/pfblockerng/deny/Abuse_Zeus_Agr_v4.txt
      77 /var/db/pfblockerng/deny/DMe_TOR_EN_v4.txt
      36 /var/db/pfblockerng/deny/TORPrj_EN_v4.txt
      18 /var/db/pfblockerng/deny/ISC_Block_v4.txt

===[ DNSBL Domain/IP Counts ] ===================================

  576817 total
  230271 /var/db/pfblockerng/dnsbl/hpHosts_EMD.txt
  163213 /var/db/pfblockerng/dnsbl/hpHosts_PSH.txt
   36738 /var/db/pfblockerng/dnsbl/hpHosts_ATS.txt
   30736 /var/db/pfblockerng/dnsbl/Lightswitch.txt
   25142 /var/db/pfblockerng/dnsbl/MDS.txt
   23219 /var/db/pfblockerng/dnsbl/Adguard.txt
   19572 /var/db/pfblockerng/dnsbl/Cameleon.txt
   15010 /var/db/pfblockerng/dnsbl/CoinBlocker_All.txt
    9643 /var/db/pfblockerng/dnsbl/SWC.txt
    7741 /var/db/pfblockerng/dnsbl/Abuse_URLBL.txt
    3945 /var/db/pfblockerng/dnsbl/EasyList2.txt
    2583 /var/db/pfblockerng/dnsbl/EasyPrivacy.txt
    1903 /var/db/pfblockerng/dnsbl/Abuse_DOMBL.txt
    1506 /var/db/pfblockerng/dnsbl/D_Me_ADs.txt
    1155 /var/db/pfblockerng/dnsbl/hpHosts_EXP.txt
     895 /var/db/pfblockerng/dnsbl/EasyList.txt
     732 /var/db/pfblockerng/dnsbl/BBC_DC2_Agr.txt
     645 /var/db/pfblockerng/dnsbl/MDL.txt
     467 /var/db/pfblockerng/dnsbl/SBL_ADs.txt
     444 /var/db/pfblockerng/dnsbl/Yoyo.txt
     419 /var/db/pfblockerng/dnsbl/OpenPhish.txt
     398 /var/db/pfblockerng/dnsbl/Adaway.txt
     238 /var/db/pfblockerng/dnsbl/hpHosts_HJK.txt
      80 /var/db/pfblockerng/dnsbl/D_Me_Malv.txt
      50 /var/db/pfblockerng/dnsbl/EasyPrivacy2.txt
      48 /var/db/pfblockerng/dnsbl/Abuse_Zeus_BD.txt
      18 /var/db/pfblockerng/dnsbl/D_Me_Tracking.txt
       6 /var/db/pfblockerng/dnsbl/EasyList_Spanish.txt
       0 /var/db/pfblockerng/dnsbl/D_Me_Malw.txt

====================[ IPv4/6 Last Updated List Summary ]==============

Dec 25	11:48	MDL_v4
Jan 21	21:30	Abuse_Zeus_Agr_v4
Jan 27	23:54	pfB_Europe_v4
Jan 29	06:29	ET_Comp_v4
Jan 30	04:02	ISC_1000_1_v4
Jan 30	06:14	ATK_NORM_v4
Jan 30	08:45	CINS_army_v4
Jan 30	09:00	BDS_Ban_v4
Jan 30	09:01	DMe_TOR_EN_v4
Jan 30	09:01	Talos_BL_v4
Jan 30	09:07	TORPrj_EN_v4
Jan 30	09:11	BBC_C2_Agr_v4
Jan 30	09:15	ISC_Block_v4
Jan 30	09:17	Alienvault_v4
Jan 30	09:20	Abuse_Feodo_C2_Agr_v4
Jan 30	09:21	Abuse_SSLBL_Agr_v4
Jan 30	09:25	Abuse_IPBL_v4
Jan 30	09:26	GreenSnow_v4
Jan 30	09:26	BadIPs_1d_v4

====================[ DNSBL Last Updated List Summary ]==============

Jul 31	2015	D_Me_Tracking
Mar 9	2016	D_Me_ADs
Jan 20	2018	Adaway
Mar 18	2018	Cameleon
May 25	2018	hpHosts_EXP
Nov 1	20:57	hpHosts_HJK
Dec 25	11:48	MDL
Jan 15	02:48	hpHosts_ATS
Jan 22	18:04	Abuse_Zeus_BD
Jan 23	16:34	Yoyo
Jan 28	23:53	MDS
Jan 29	16:21	hpHosts_EMD
Jan 29	17:14	SBL_ADs
Jan 30	00:58	hpHosts_PSH
Jan 30	03:36	SWC
Jan 30	06:30	CoinBlocker_All
Jan 30	08:57	EasyPrivacy2
Jan 30	08:57	EasyList2
Jan 30	08:57	Adguard
Jan 30	09:00	OpenPhish
Jan 30	09:11	BBC_DC2_Agr
Jan 30	09:11	EasyList
Jan 30	09:12	EasyList_Spanish
Jan 30	09:12	EasyPrivacy
Jan 30	09:20	Abuse_URLBL
Jan 30	09:20	Abuse_DOMBL
Jan 30	09:21	D_Me_Malw
Jan 30	09:21	D_Me_Malv
Jan 30	09:25	Lightswitch
===============================================================

Database Sanity check [  PASSED  ]
------------------------
Masterfile/Deny folder uniq check
Deny folder/Masterfile uniq check

Sync check (Pass=No IPs reported)
----------

Alias table IP Counts
-----------------------------
  103144 total
   75751 /var/db/aliastables/pfB_PRI2_v4.txt
   12132 /var/db/aliastables/pfB_PRI1_v4.txt
    5435 /var/db/aliastables/pfB_Europe_v4.txt
    4953 /var/db/aliastables/pfB_PRI4_v4.txt
    2988 /var/db/aliastables/pfB_PRI3_v4.txt
    1772 /var/db/aliastables/pfB_ATK_v4.txt
     113 /var/db/aliastables/pfB_TOR_v4.txt

pfSense Table Stats
-------------------
table-entries hard limit   500000
Table Usage Count         210022

 UPDATE PROCESS ENDED [ 01/30/19 09:26:20 ]

```kotlin

    ===

    And I was doing nslookups all the time and it started to fail afer this happend (as you can see in the nslookups attached)

    Saving DNSBL database... completed

------------------------------------------------------------------------
Assembling DNSBL database... completed [ 01/30/19 09:25:59 ]
Resolver Live Sync analysis... completed [ 01/30/19 09:26:01 ]
Resolver Live Sync finalizing:
	Remove local-zone(s):		no changes
	Remove local-data(s):		removed 167 datas
	Add local-zone(s):		added 889 zones
	Add local-data(s):		added 889 datas
Resolver Live Sync... completed [ 01/30/19 09:26:03 ]
DNSBL update [ 576817 | PASSED  ]... completed

DNSBL DEBUG.[ Data(s): 576817	Zone(s): 0 | 01/30/19 09:26:06 ]
    0
  • RonpfS

    Now do

    unbound-control -c /var/unbound/unbound.conf reload

    and see if it's blocked after the reload.

    Can you

    grep blabla.duckdns.org /var/unbound/pfb_dnsbl.conf

    replace blabla with your host override name.

    0 L 1 Reply
  • L

    @ronpfs said in PfblockerNG breaks host override:

    Now do

    unbound-control -c /var/unbound/unbound.conf reload

    and see if it's blocked after the reload.

    Can you

    grep blabla.duckdns.org /var/unbound/pfb_dnsbl.conf

    replace blabla with your host override name.

    0_1548879358173_c97a428a-d0b4-4736-9b6f-8dad2c4ef164-imagen.png

    grep didn't return anything and the reload command made the host override work again.

    So is a bug?

    0
  • RonpfS

    Uncheck Resolver Live Sync in DNSBL settings.

    1
  • L

    @ronpfs said in PfblockerNG breaks host override:

    esolver Live Sync in DNSBL set

    Thanks a lot for you help and patience.
    I have disabled that setting. But is a bug that will be fixed or I can not enable that setting if I want to use host override?

    0
  • RonpfS

    @l0rdraiden said in PfblockerNG breaks host override:

    But is a bug that will be fixed or I can not enable that setting if I want to use host override?

    Let's see if it fix the failure mode after next Cron update.

    Resolver Live Sync make dynamic change to Unbound db on the fly. When you disable it, Unbound will reload the pfb_dnsbl.conf file instead.

    Depending on your host override settings, it may break the Resolver Live Sync. If you send me your host override settings by MP, I may find what's wrong.
    Well there is no MP on this forum. Let's try a chat instead.

    Host Override are in /var/unbound/host_entries.conf
    Domain Override are in /var/unbound/domainoverrides.conf

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy