Looks lke its " working ...

VenimK

Been setting up Pfblocker
when i do nslookup on client i get 10.10.10.1 (ip of pfsense)
But i does 'nt picks up anything

Schermafbeelding 2019-11-04 om 05.46.23.png

Also have the 2 FW Rukel Allow and block DNS as it should work

Schermafbeelding 2019-11-04 om 06.51.16.png

What else can I Check ???

Gertjan

Hi,

Read https://en.wikipedia.org/wiki/Domain_Name_System and discover that DNS requests can use TCP packets.

edit :

@VenimK said in Looks lke its " working ...:

when i do nslookup on client i get 10.10.10.1 (ip of pfsense)

What did you set up here Firewall > pfBlocker > NGDNSBL :

?

VenimK

@Gertjan

Schermafbeelding 2019-11-04 om 07.50.39.png

i've changed that to 192.168.1.1
Ran into problems because off my lan dhcp

Schermafbeelding 2019-11-04 om 07.51.37.png

Gertjan

@VenimK said in Looks lke its " working ...:

Ran into problems because off my lan dhcp

What problems ?
192.168.1.0/24 was also used for WAN ?

VenimK

Schermafbeelding 2019-11-04 om 07.59.10.png

DHCP WAN

So Should i change PFBLOCKER IP to 10.10.10.1 again, then, reboot server ..

Gertjan

So, the default 192.168.1.0/24 should be fine for LAN setting - the default DHCP pool also.

@VenimK said in Looks lke its " working ...:

So Should i change PFBLOCKER IP to 10.10.10.1 again, then, reboot server ..

Noop.
You'll be breaking a condition :

Check also the last condition :
192.168.0.0/16 (your 192.168.1.1) is in the range of this setting, and your WAN is in that range.
Go for a 172.16.0.1 as a DNSBL Virtual IP setting.

VenimK

@Gertjan

Schermafbeelding 2019-11-04 om 08.31.58.png

Changed DNSBL VIP to 172.16.0.1
GEOIP is working but none of the other

Gertjan

Take an URL from a feed the first alias "pfB_DNSBLIP_v4".
Feed that into a local "nslookup" prompt.
Have it resolved.
Did it return the real IPv4 - or the one from pfBlockerNG ? (like 0.0.0.1 or your local "DNSBL Webserver Configuration / Virtual IP Address ?

VenimK

@Gertjan said in Looks lke its " working ...:

pfB_DNSBLIP_v4

Schermafbeelding 2019-11-04 om 09.02.37.png

Weird , going to 192.168.1.1

Gertjan

@VenimK said in Looks lke its " working ...:

Weird , going to 192.168.1.1

That's your ""DNSBL Webserver Configuration / Virtual IP Address".

VenimK

@Gertjan said in Looks lke its " working ...:

That's your ""DNSBL Webserver Configuration / Virtual IP Address".

Schermafbeelding 2019-11-04 om 09.12.16.png

Gertjan

and you did that also ?

VenimK

@Gertjan
Yes
And rebooted to

VenimK

@Gertjan said in Looks lke its " working ...:

and you did that also ?

Maybe a reinstall off the plugin

Gertjan

Don't think so.
A Force reload does it for me.

VenimK

@Gertjan
NOw when i do nslookup from a client if get
nslookup www.upcoin.com
Server: 10.10.10.1 (PFSENSE LAN IP
Address: 10.10.10.1#53

Name: www.upcoin.com
Address: 172.16.0.1 (DNSBL IP)

So it kinda works
But i get still no logs

Schermafbeelding 2019-11-05 om 19.05.14.png

VenimK

@VenimK
did a complete new install pfsense, and then pfblocker-dev.
And it still works as before, no loggin with DNSBL.
Allthough nslookup looks ok, and stuff
nslookup www.yahoo.com
Server: 10.10.10.1
Address: 10.10.10.1#53

Name: www.yahoo.com
Address: 10.10.10.1

Gertjan

What is your "DNSBL Webserver Configuration Virtual IP Address " now ?
What is your pfSense LAN IP now ?

VenimK

@Gertjan
LAN INFO

Schermafbeelding 2019-11-07 om 04.29.58.png

DNSBL INFO
Schermafbeelding 2019-11-07 om 04.30.12.png

Gertjan

Looks all fine to me.