Netgate Discussion Forum

    Blocking lists not working

    pfBlockerNG
    • Chasire

      Hi there

      I have installed my pfBlockerNG package and I made two lists: one to block malware and spyware, the other to block porn. Those are intended for the LAN network.

      I used the lists from GitHub:
      https://github.com/pi-hole/pi-hole/wiki/Customising-sources-for-ad-lists
      https://github.com/StevenBlack/hosts

      I have set them correctly at the DNSBL, but here comes my problem: my LAN rules.
      From the looks of it, it looks OK and I can go to the internet with it. I am aware that I need to change something with the DNS in order to get the lists working, yet I don't know how.

      I'll drop you more details below to get the picture (no pun intended):

      Any comment, advice or tips are appreciated.

      • rjcrowder

        First of all... the easiest way to get this working is to install the dev version of pfBlockerNG. It has pre-built settings for ads and you can also turn on a couple of feeds where you can block porn.

        The LAN rules don't really have anything to do with it. The blocks are done by DNS resolution. So, you'll have to be using the DNS resolver (unbound) rather than the forwarder (although you can configure unbound to forward). Then make sure your clients are using pfSense for DNS resolution. LAN rules can be used to make sure people don't bypass pfSense as the DNS resolver.

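Added example (not part of the thread and not pfBlockerNG's own code): because the blocking happens at DNS resolution, a LAN client can check whether names from a hosts-format list come back as the sinkhole address from the resolver it is actually using. The sample list, the `10.10.10.1` sinkhole address and all function names are assumptions made for illustration.

```python
import socket

# Constructed sample in the hosts-file format the StevenBlack lists use.
SAMPLE_HOSTS = """\
127.0.0.1 localhost
0.0.0.0 0.0.0.0
0.0.0.0 ads.example.com
0.0.0.0 tracker.example.net  # inline comment
0.0.0.0 Bad.Example.org
"""
SINKHOLE = "10.10.10.1"  # assumed DNSBL virtual IP; use the one set on your firewall
SKIP = {"localhost", "localhost.localdomain", "broadcasthost", "local", "0.0.0.0"}

def parse_hosts(text):
    """Return the blocked names from hosts-format text, in file order."""
    domains = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        # A list entry is "<null address> <name>"; anything else is ignored.
        if len(fields) < 2 or fields[0] not in ("0.0.0.0", "127.0.0.1"):
            continue
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if name not in SKIP and name not in domains:
                domains.append(name)
    return domains

def system_resolve(name):
    """Resolve through whatever DNS server this client is configured to use."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None  # NXDOMAIN or no resolver reachable

def check_blocking(domains, resolve=system_resolve, sinkhole=SINKHOLE):
    """Map each listed domain to 'blocked', 'not blocked' or 'no answer'."""
    report = {}
    for name in domains:
        answer = resolve(name)
        if answer is None:
            report[name] = "no answer"
        else:  # a null-routed answer also counts as blocked
            report[name] = "blocked" if answer in (sinkhole, "0.0.0.0") else "not blocked"
    return report

if __name__ == "__main__":
    for name, status in check_blocking(parse_hosts(SAMPLE_HOSTS)).items():
        print(f"{name:30} {status}")
```

Run it on a LAN client rather than on the firewall: "not blocked" for a listed name means that client's queries are not being answered by the DNSBL-enabled resolver.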
        • NogBadTheBad

          Are you using https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-porn/hosts as your porn block list?

          It has all sorts of non-porn stuff in it.

          Screenshot 2019-06-05 at 19.42.12.png

          Andy

          1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

          • NogBadTheBad @NogBadTheBad

            Screenshot 2019-06-05 at 20.02.58.png

            • Chasire @NogBadTheBad

              @NogBadTheBad Hello, I have enabled the UT1 blacklist and updated my DNSBL, but it doesn't work. Does it mean that something is wrong with my DNS resolver? If so, what am I missing?

              • NogBadTheBad

                Have you done an update reload DNSBL?

                The list is very big BTW.

                • Chasire @NogBadTheBad

                  @NogBadTheBad I did; I have update reloaded my DNSBL and still got the same result. I run Squid in pfSense. My web browser is in the proxy. I think that has something to do with the problem.
