Pfblocker not working as expected



  • I have now setup pfsense on a standalone mini-itx. What I've found is I have pi-hole running on a PI that pfsense points to in DHCP - DNS (It doesn't work in system/general setup settings?)
    I've placed some of my pi-hole lists in pfblocker (IPV4 and DNSBL) and turned off pi-hole but the ad sites that are blocked with pi-hole don't get blocked with pfblocker. 😕

    What I'm trying to do is whitelist coinpot.co - which I've done but it's still blocked.
    nslookup shows
    C:\Users\pc>nslookup coinpot.co
    Server: pfSense.localdomain
    Address: 192.168.2.210

    Non-authoritative answer:
    Name: coinpot.co
    Addresses: 2606:4700:10::6814:41bb
    2606:4700:10::6814:42bb
    104.20.65.187
    104.20.66.187

    and ping times out, but that because of Cloudflare ? I've flushed the DNS but still nothing...

    Another thing I'm not sure what this is about ?

    Assembling database... completed
    Executing TLD
    TLD analysis...xx
    Debug: Missing TLD: local-data: "0.0.0 60 IN A 10.10.99.1"
    xxxxxxxxx completed
    ** TLD Domain count exceeded. [ 250000 ] All subsequent Domains listed as-is **
    Finalizing TLD... completed

    Original Matches Removed Final

    1309969 168500 -802657 2112626

    Validating database... Skipped [ 08/19/19 16:40:41 ]
    Reloading Unbound.... completed



  • I've now come to the conclusion Pfblocker is good at what it does however, finding what and how sites are blocked and then white listing those sites needs a lot more work. Reluctantly I think I will go back to Pi-hole just because of it's white listing.



  • @randombits said in Pfblocker not working as expected:

    I've now come to the conclusion Pfblocker is good at what it does however, finding what and how sites are blocked and then white listing those sites needs a lot more work. Reluctantly I think I will go back to Pi-hole just because of it's white listing.

    You don't say what version of pfBlocker_NG you're using but I would recommend that you give pfBlocker_NG devel a try if you're have problems.



  • Opps sorry,

    It's pfBlockerNG version 2.1.4_17



  • @randombits said in Pfblocker not working as expected:

    Opps sorry,

    It's pfBlockerNG version 2.1.4_17

    Then by all means give pfBlockerNG_dev a try. It is the latest version and lets you do whitelisting.



  • @jdeloach I will do, I've spent the last ~5 days fiddling with 2.1.4.17 trying to figure out just how to whitelist sites. I think one issue some sites use CDN's and that gets blocked leaving a site partly loaded.
    I realise any blocking application needs to fine tuned to ones own use but PFB seems particularly diificult just the white list a few sites.



  • @jdeloach A very quick look at PFB dev and it appears a bit more 'friendly' with '+' to easily white list - I'll have a play!



  • Thanks @jdeloach for suggesting I tried the dev version it appears to work, although I feel a bit uneasy whitelisting a Cloudflare IP 😒 (not an issue with outbound of course 🙄 )

    I can now confirm Pfblocker dev whitelisting works - almost as good as Pi-hole 😆


Log in to reply