No DNSBL Blocking after scheduled update

  • Since a few days (at least I am quite sure this was not the case in the past ...) there is no DNSBL blocking any more after the scheduled update cron task has been running.

    It does not matter if it is running every hour or only one time in the night. After the update, no DNS names in the blacklists are blocked anymore.

    I can fix that by manually running a reload from the Web UI. After that, blocking is working again.

    Has anyone an idea what might be the root cause here?

    2.4.4-RELEASE-p1 / pfBlockerNG-devel	2.2.5_21

    Thanks a lot!

  • @m0urs said in No DNSBL Blocking after scheduled update:

    2.4.4-RELEASE-p1 / pfBlockerNG-devel 2.2.5_2

    Both are outdated, update and then report back with more information than that.

  • @grimson said in No DNSBL Blocking after scheduled update:

    Both are outdated,

    It's probably a Typo and he has 2.2.5_21

  • @m0urs said in No DNSBL Blocking after scheduled update:

    Has anyone an idea what might be the root cause here?

    Well without pfblockerng logs , systems logs or Resolver logs it's very difficult to debug.

  • Ok, the version number was indeed a copy & paste error. Sorry. Enclosed some log files. Let me know if you need more. The DNS Resolver log does not show any interesting. Last entry was yesterday after I rebootet the box. After reboot everything worked as it does after a manual reloading.

    The cron job is running daily, the update of my DNSBL is set to "Daily" and the time for "Daily" is set to 04:00. Right after that 04:00 updating task the blocking stopped which you can see in the logs as well.

    I did a manual reload at about 09:43 which should be in the logs as well. Afterwards everything worked again. You can see blocking starting in the log.

    Let me know which information you still might need. Thanks.

  • II see nothing wrong in the logs.

    Try with Resolver Live Sync disabled. You DNSBL db is small so Unbound should reload in a few seconds.

  • @ronpfs Thanks. It seems that solved the issue. I set that option in the past as I did hourly updates and I wanted to avoid that I had DNS blocked for about 30 seconds and more. As I changed the update to daily and did it in the night this option is not really necessary now. However: Any idea why it suddenly stopped working? I had set this option for weeks without any problems.

  • It could be an issue with Resolver Live Sync when TLD isn't enabled.

  • @ronpfs Ok. However I had not enabled this option before. Nevertheless, I can live with the current config and I am waiting for the new version with Python support, which should avoid Unbound restarting anyhow as far as I understood ...

  • @ronpfs said in No DNSBL Blocking after scheduled update:

    Try with Resolver Live Sync disabled

    I want to report that I am seeing the exact same issue and I am using pfSense 2.4.4-RELEASE-p2 (amd64) and pfBlockerNG Doing a manual reload fixes issue until next cron run.

    I do have Live Sync enabled and have TLD disabled. I'll disable the Live Sync and monitor for a few days then report back.

  • Just wanted to report back that its been a few days and I can confirm that disabling Live Sync does indeed solve this issue for myself.

    Since disabling, DNSBL has been blocking as it should after the cron runs.

    Thanks for the tip on disabling the "Resolver Live Sync" @RonpfS

Log in to reply