How to selectively bypass DNSBL



  • I have pfBlockerNG set up with a number of good block lists, and to make sure that an application doesn't try to go around it, all port 53 traffic gets redirected to pfSense. (So dig @8.8.8.8 blockeddomain.com will return the pfBlocker IP.) One of the anti-malware lists includes drive.google.com (which I think is a good idea since I only use Google Drive very rarely), but on those occasions when I want to use it, I need a way to get around it.

    Any suggestions as to an ad hoc method?

    It's a home network and I have ultimate control, so I'd be open to some sort of script that patches the whitelist that goes away when the dnsbl reloads.

    Any ideas would be much appreciated.



  • @guardian If you have your own private computer, couldn't you just use a hosts file, since the computer looks there before it does any DNS?



  • From the Alerts Tab, you could Unlock a domain until next Cron Update or Whitelist it permanently.



  • Thanks @provels @RonpfS for the replies...

    @provels said in How to selectively bypass DNSBL:

    @guardian If you have your own private computer, couldn't you just use a hosts file, since the computer looks there before it does any DNS?

    That's a great idea @provels.... just tested it out, and it works! I should have thought of that ... I guess I'd make a lousy hacker. It's a bit of a PITA having to manually look up an IP address and edit the hosts file, but it is workable. I might be able to write a script to do a lookup over https and insert the lines/remove them when I am done.

    @RonpfS said in How to selectively bypass DNSBL:

    From the Alerts Tab, you could Unlock a domain until next Cron Update or Whitelist it permanently.

    I thought that clicking the + permanently whitelisted an entry? Am I mistaken? If I do that, is there an easy way to reverse this, or do I have to wait for an update? Can I just do a force reload?

    I know this might be asking for trouble, but could I directly edit a file in pfBlockerNG/pfSense to do a temporary whitelist? If possible I would like to avoid the reload as that takes a fair bit of time since I have well over 1 million entries.
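The hosts-file workaround discussed above (look the name up over HTTPS, add the entries, remove them afterwards) could be scripted as follows. This is an added example, not code from any poster or from pfBlockerNG; the `MARK` tag, the function names and the choice of Cloudflare's DNS-over-HTTPS JSON endpoint are assumptions.

```python
import json
import urllib.parse
import urllib.request

MARK = "# temp-dnsbl-bypass"  # hypothetical tag identifying lines this script added
DOH_URL = "https://cloudflare-dns.com/dns-query"  # assumed DoH JSON endpoint


def a_records(answer):
    """Extract IPv4 addresses from a DoH JSON answer (type 1 = A; CNAMEs are skipped)."""
    return [rr["data"] for rr in answer.get("Answer", []) if rr.get("type") == 1]


def resolve_doh(name, url=DOH_URL):
    """Resolve over HTTPS, so the query is not caught by the port 53 redirect."""
    query = urllib.parse.urlencode({"name": name, "type": "A"})
    req = urllib.request.Request(f"{url}?{query}",
                                 headers={"accept": "application/dns-json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return a_records(json.load(resp))


def remove_override(hosts_path, name=None):
    """Delete tagged lines (all, or only those for `name`); return how many went."""
    with open(hosts_path, encoding="utf-8") as fh:
        lines = fh.readlines()

    def ours(line):
        names = line.split("#")[0].split()[1:]
        return line.rstrip().endswith(MARK) and (name is None or name in names)

    kept = [line for line in lines if not ours(line)]
    with open(hosts_path, "w", encoding="utf-8") as fh:
        fh.writelines(kept)
    return len(lines) - len(kept)


def add_override(hosts_path, name, ips):
    """Replace any earlier override for `name`, then append one tagged line per IP."""
    if not ips:
        raise ValueError(f"no A records for {name}")
    remove_override(hosts_path, name)
    with open(hosts_path, encoding="utf-8") as fh:
        body = fh.read()
    if body and not body.endswith("\n"):
        body += "\n"  # never glue our entry onto an unterminated last line
    body += "".join(f"{ip} {name} {MARK}\n" for ip in ips)
    with open(hosts_path, "w", encoding="utf-8") as fh:
        fh.write(body)
```

Typical use is `add_override(path, "drive.google.com", resolve_doh("drive.google.com"))` followed later by `remove_override(path)`, run with rights to edit the hosts file. The pinned addresses go stale when the service rotates IPs, which is one more reason to remove the override once finished.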



  • @guardian Blind squirrel finds nut!
    Pictures at 11!



  • @provels said in How to selectively bypass DNSBL:

    @guardian Blind squirrel finds nut!
    Pictures at 11!

    Sorry, but that one went over my head.

