Confusion on allowing specific client IPs on my LAN to bypass pfBlockerNG-devel



  • I know this has been brought up multiple times, and sorry for being dense; I just have some confusion on the syntax for this under Services > DNS Resolver > Custom Options.

    Current syntax under Services > DNS Resolver > Custom Options with pfBlockerNG enabled is:

    private-domain: "plex.direct"
    server:include: /var/unbound/pfb_dnsbl.*conf

    I have multiple devices I want to bypass DNSBL (192.168.1.50, 192.168.1.51, 192.168.1.52), but everything else on 192.168.1.0/24 I want running through DNSBL. As I understand it, I should just copy and paste the following into the Custom Options field of the DNS Resolver for this:

    server:
    private-domain: "plex.direct"
    access-control-view: 192.168.1.50/32 bypass
    access-control-view: 192.168.1.51/32 bypass
    access-control-view: 192.168.1.52/32 bypass
    access-control-view: 192.168.1.0/24 dnsbl
    view:
    name: "bypass"
    view-first: yes
    view:
    name: "dnsbl"
    view-first: yes
    include: /var/unbound/pfb_dnsbl.*conf



  • server:
    private-domain: "plex.direct"
    access-control-view: 192.168.1.50/32 bypass
    access-control-view: 192.168.1.51/32 bypass
    access-control-view: 192.168.1.52/32 bypass
    access-control-view: 192.168.1.0/24 dnsbl
    view:
    name: "bypass"
    view-first: yes
    view:
    name: "dnsbl"
    view-first: yes
    include: /var/unbound/pfb_dnsbl.*conf
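
An added example (not written by any poster in this thread, and not pfBlockerNG or unbound code): a small Python check of the Custom Options text above. It resolves a client to its view by most-specific netblock, which is how unbound chooses among overlapping access-control entries, and reports whether that view includes the DNSBL file. The function names are hypothetical, and the parser only handles the directives used in this thread.

```python
import ipaddress

# Constructed sample: the Custom Options text quoted in the thread.
CUSTOM_OPTIONS = """\
server:
private-domain: "plex.direct"
access-control-view: 192.168.1.50/32 bypass
access-control-view: 192.168.1.51/32 bypass
access-control-view: 192.168.1.52/32 bypass
access-control-view: 192.168.1.0/24 dnsbl
view:
name: "bypass"
view-first: yes
view:
name: "dnsbl"
view-first: yes
include: /var/unbound/pfb_dnsbl.*conf
"""

def parse(text):
    """Return (acl, views): acl = [(network, view)], views = {name: [(key, value)]}."""
    acl, views, clause, current = [], {}, None, None
    for raw in text.splitlines():
        key, _, value = raw.strip().partition(":")
        key, value = key.strip(), value.strip()
        if key in ("server", "view") and not value:
            clause, current = key, None          # a new clause starts here
        elif clause == "server" and key == "access-control-view":
            net, view = value.split()
            acl.append((ipaddress.ip_network(net), view.strip('"')))
        elif clause == "view" and key == "name":
            current = value.strip('"')
            views[current] = []
        elif clause == "view" and current is not None and key:
            views[current].append((key, value))
    return acl, views

def view_for(client, acl):
    """Pick the view of the most specific netblock containing the client, or None."""
    ip = ipaddress.ip_address(client)
    hits = [(net.prefixlen, view) for net, view in acl if ip in net]
    return max(hits)[1] if hits else None

def is_filtered(client, acl, views):
    """True if the client's view pulls in the pfBlockerNG DNSBL include."""
    view = view_for(client, acl)
    return any(k == "include" and "pfb_dnsbl" in v for k, v in views.get(view, []))

def undefined_views(acl, views):
    # View names referenced by access-control-view but never declared (e.g. a typo).
    return sorted({v for _, v in acl if v not in views})
```

A client that matches no access-control-view entry gets `None` and is reported as unfiltered here, because in this layout the DNSBL include exists only inside the "dnsbl" view.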



  • For the ones you want to bypass DNSBL, you'll need to create a DNSBL feed and place the sites in the DNSBL custom_list. Be sure to set group order to PRIMARY and logging to DISABLE, then force reload.


