pfBlockerNG-devel (2.2.5_23) - Unknow reason



  • Hi folks,

    I've setup a couple of HAproxy fronends/backends and one of them in particular is getting blocked by pfBlockerNG for "Unkown reason". I've whitelisted the entire domain which is my registered domain.

    My understanding the result below is just telling me is on cache, db and suppression list.

    Shell Output - grep -r "mydomain" /var/db/pfblockerng/*
    
    Binary file /var/db/pfblockerng/dnsbl_cache.sqlite matches
    Binary file /var/db/pfblockerng/dnsbl_levent.sqlite matches
    /var/db/pfblockerng/pfbdnsblsuppression.txt:.mydomain.com 60
    /var/db/pfblockerng/pfbdnsblsuppression.txt:"mydomain.com 60
    
    Jun 02 10:38:13 [5] 	LAN 	192.168.1.117
    SDF1 	      	unifi.mydomain.com [ Unknown ]  
      DNSBL-HTTPS | 	Unknown
    Unknown
    May 20 19:03:30 [3] 	LAN 	192.168.1.117
    SDF1 	      	unifi.mydomain.com [ Unknown ]
      DNSBL1x1 | |GET /manage HTTP/1.1|Mozilla/5.0 (X11; Ubuntu; Linux x86_... 	Unknown
    Unknown
    May 20 19:03:30 [1] 	LAN 	192.168.1.117
    SDF1 	      	unifi.mydomain.com [ Unknown ]  
      DNSBL-HTTPS | 	Unknown
    Unknown
    May 20 19:03:30 	LAN 	192.168.1.117
    SDF1 	      	unifi.mydomain.com [ Unknown ]  
      DNSBL-HTTPS | 	Unknown
    Unknown
    
    sor@ada:~$ nslookup unifi
    Server:         127.0.0.53
    Address:        127.0.0.53#53
    
    Non-authoritative answer:
    Name:   unifi.mydomain.com
    Address: 172.17.17.2
    

    Any idea how to troubleshoot this? I got 2 other frondends working just fine.



  • what ever list you added your domain to, make it primary in the settings. so it will be applied first.
    and mybe you can post this on reddit r/pfBlockerNG
    bbcan will reply to pretty fast.


Log in to reply