How define schedule time for DNSBL ?

  • Hello friends

    How can I define schedule time for DNSBL ?

    I'd set time for block or pass in diffrent time , can I do that ?

    I did my custom schedule for floating rules, but did not work also I did my custom time in cron for stop service "pfb_filter" but this was didn't work
    anywhere , anyone do you know?
    Thanks advance

  • Hmm....There is "Schedule" option for firewall rules (outside of DNSBL). If you could determine the IP(s) of the sites you want to block, you might be able to create standard firewall rules, but that could get messy and difficult very quickly. In theory, maybe use nslookup to find the IP you are resolving to, and block that on a schedule? It wouldn't work well for massive services like Google.

    It's a bit of a longshot, and not the answer you were looking for, I expect.

  • Thanks for your reply

    I'm checking firewall rule but there is one problem, when I'm using pfblockerng (DNSBL) in "DNSBL Custom_List" I created one of list url for blocking ,anywhere
    This file "DNSBL Custom_List" was saved in this path /var/unbound/pfb_dnsbl.conf
    This file path used in DNS Resolver in Custom option "server:include: /var/unbound/pfb_dnsbl.*conf"

    Now problem started from there, even if you stop services of pfblocker or disable firewall rule , DNS Resolver through this path "/var/unbound/pfb_dnsbl.conf " can block those urls and I can't define time schedule for DNSBL , this problem is solved with delete this file but that is not good idea for schedule.

    for your idea , I'm creating aliases url list but for big sites like "google,amazon,cloudflur,etc..." I'm having problem and That is not an operational idea

  • FW rules can be scheduled but they are for IPs space.

    DNSBL is in Domain Name space. There is no scheduling for DNSBL.

  • @RonpfS Thanks ✋
    There is no way to schedule Pfblockerng DNSBL rules?
    I'd like block windows update in special time , now with pfblockerng I can do this, but for all time ,but I want to block windows update in specified time e.g "8:00 AM to 6:00 PM" and in another time I want to pass windows update for client

    I try this with squidguard but squidguard has very problem with client and HTTPS and etc ..... and not good idea
    But pfblocker worked perfect.. just doesn't have schedule time for block or pass

  • @reza3sw said in How define schedule time for DNSBL ?:

    There is no way to schedule Pfblockerng DNSBL rules?

    There no such thing as DNSBL rules. DNSBL use unbound with it's tailored pfb_dnsbl.conf file to "intercept" DNS requests and sinkhole the answer to the VIP.

    Maybe you could use IP FW rules with a table containing Windows Update IPs.

  • @RonpfS yes correct
    Thanks again for your help and guidance

  • I found one solution for schedule time "pfb_dnsbl"
    In this solution you can define multi Cronjob for this action

    You can define Cron job for change name e.g : "pfb_dnsbl.conf"

    And create another cron job for stop service "pfb_dnsbl"
    And create another cron job for restart "unbound" at your preferred time

    It is very easy and practical

    Also you can change those jobs to default at your preferred time

  • Hey have you tested this DNSBL with time solution ? can you share details how to write commands for each cron job ?.... been using dnsbl works great... would be very nice to work with schedules like you said....