Pfblocker DSNBL causing some sites to not resolve
-
Probably related to this:
https://forum.netgate.com/topic/143357/lighttpd-version-1-4-51-in-latest-pkg-has-broken-the-block-page
Try the patch that is there... I have posted a PR but waiting on the pfSense Devs to approve. -
@BBcan177 thank you for the link. I will have to get that placed into the pfblocker relevant file
-
@BBcan177 now this is a very noob question, as I am a noob at this. How would I go about editing this within pfsense gui in the command prompt section of the diagnostics tab?
-
@themadsalvi
Download the latest v2.2.5_23 which has this fixed already. -
@BBcan177 I will have to troubleshoot further, since now neither the IP blocklists nor the dnsbl lists show as blocking in reports tab. Also the sites in the blocklists resolve to their respective IPs
-
Did you do a Force Update then a Force Reloal All?
Check the Status / Services tab and restart pfblockerNG services.
Inspect pfblockerng logs as well as System Logs to see what is happenning. -
@RonpfS yes, I did force update, then force reload all. I restarted both pfb services manually int the status>services area, and reset the unbound resolver. The lists are populated. I even uninstalled pfblocker-devel, without keeping settings, and re-installed it from package manager
Ipblock.log and dnsbl.log are empty or non existent.
-
@themadsalvi said in Pfblocker DSNBL causing some sites to not resolve:
ninstalled pfblocker-devel, without keeping settings, and r
Go thru pfblocker General tab, DNSBL tab & IP tab and save the settings, then do a Force Reload All.
I can't say much more without seeing any log files.
-
@themadsalvi said in Pfblocker DSNBL causing some sites to not resolve:
reset the unbound resolver
What do you mean by reset ?
-
@RonpfS sorry, restart in services tab
-
@RonpfS the IP blocks are showing, but DNSBL is not there at the reports tab.
-
@BBcan177 I still do not know why DNSBL blocks are not showing up on the reports tab in pfblockerng-devel. I am wondering if I am the only one that is having this issue, as I have not heard anyone else having this happen to them. The DNS lookup for the blocked sites does redirect to the VIP address, but since they do not show up on the reports tab, or in any logs, I cannot easily whitelist any domains from the report tab.
I have installed the newest version of the pfblockerng-devel package, and all related packages that come with the install. For me, it still does not even show up when I re-install without keeping any of the old settings, nor keeping any of the old blocklists.
-
@BBcan177 @RonpfSI was able to trace it down to an open source firmware(gargoyle router firmware) on my wireless router that was not playing nice with my pfsense box. I do not know exactly how, or why, but the domain information that is used to get the blocks on the report page was not being forwarded correctly(or something else equally weird) to the pfsense box. When I reverted to the stock firmware on the router, it immediately began to report the domain blocks on the reports tab in pfblocker. Was strange, and unexpected.
I have to thank BBcan177 so much for taking time out of his busy schedule to teamviewer with me today to continue to troubleshoot this issue. Thank you RonpfS as well for helping me in this matter.
