Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNSBL Auto whitelisting happing ?

    Scheduled Pinned Locked Moved pfBlockerNG
    whitelistdnsbl
    11 Posts 4 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sesipod
      last edited by

      So any time I update my listings I get some domains listed in the logs as being whitelisted.
      ( See screenshot )

      What is causing these domains to be auto whitelisted ?
      How can I prevent it from happening ?

      alt text

      1 Reply Last reply Reply Quote 0
      • S
        sesipod
        last edited by

        Here is the url to the listing for
        Site 7

        1 Reply Last reply Reply Quote 0
        • S
          sesipod
          last edited by

          Anybody have any idea how I can remove these from whitelist ? 😟

          1 Reply Last reply Reply Quote 0
          • RonpfSR
            RonpfS
            last edited by

            Have a look at Firewall / pfBlockerNG / DNSBL DNSBL Whitelist, and click on the icon. 😉

            2.4.5-RELEASE-p1 (amd64)
            Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
            Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

            1 Reply Last reply Reply Quote 0
            • S
              sesipod
              last edited by

              This is all that is showing under that section. Per the log file that I screenshot above there should be more?

              s3.amazonaws.com
              s3-1.amazonaws.com # CNAME for (s3.amazonaws.com)
              .github.com
              .githubusercontent.com
              github.map.fastly.net # CNAME for (raw.githubusercontent.com)
              .gitlab.com
              .apple.com
              .sourceforge.net
              .fls-na.amazon.com # alexa
              .control.kochava.com # alexa 2
              .device-metrics-us-2.amazon.com # alexa 3
              .amazon-adsystem.com # amazon app ads
              .px.moatads.com # amazon app 2
              .wildcard.moatads.com.edgekey.net # CNAME for (px.moatads.com)
              .e13136.g.akamaiedge.net # CNAME for (px.moatads.com)
              .secure-gl.imrworldwide.com # amazon app 3
              .pixel.adsafeprotected.com # amazon app 4
              .anycast.pixel.adsafeprotected.com # CNAME for (pixel.adsafeprotected.com)
              .bs.serving-sys.com # amazon app 5
              .bs.eyeblaster.akadns.net # CNAME for (bs.serving-sys.com)
              .bsla.eyeblaster.akadns.net # CNAME for (bs.serving-sys.com)
              .adsafeprotected.com
              .anycast.static.adsafeprotected.com # CNAME for (static.adsafeprotected.com)
              google.com
              www.google.com
              youtube.com
              www.youtube.com
              youtube-ui.l.google.com # CNAME for (youtube.com)
              stackoverflow.com
              www.stackoverflow.com
              dropbox.com
              www.dropbox.com
              www.dropbox-dns.com # CNAME for (dropbox.com)
              control.kochava.com
              secure-gl.imrworldwide.com
              pbs.twimg.com # twitter images
              www.pbs.twimg.com # twitter images
              cs196.wac.edgecastcdn.net # CNAME for (pbs.twimg.com)
              cs2-wac.apr-8315.edgecastdns.net # CNAME for (pbs.twimg.com)
              cs2-wac-us.8315.ecdns.net # CNAME for (pbs.twimg.com)
              cs45.wac.edgecastcdn.net # CNAME for (pbs.twimg.com)
              .d.line-scdn.net # line
              .d.line-scdn.net.edgekey.net # CNAME for (d.line-scdn.net)
              .cac-d.line-scdn.net.line-zero.akadns.net # CNAME for (d.line-scdn.net)
              .e3998.d.akamaiedge.net # CNAME for (d.line-scdn.net)
              .graph.facebook.com # Facebook
              .api.facebook.com # CNAME for (graph.facebook.com)
              .star.c10r.facebook.com # CNAME for (graph.facebook.com)
              
              
              1 Reply Last reply Reply Quote 0
              • S
                sesipod
                last edited by

                Got it all sorted now :)

                I see it was whitelisting based off the items in this list --- I am really tired need coffee lol

                Thanks for the help @RonpfS

                1 Reply Last reply Reply Quote 0
                • L
                  limis
                  last edited by

                  I have similar question.

                  How to stop auto whitelisting google, yandex and similar domains since I see it happening in my pfblockerng logs (and I clearly find these domains in a /var/db/pfblockerng/pfbdnsblsuppression.txt) but at the same time I have empty whitelist in Firewall / pfBlockerNG / DNSBL DNSBL Whitelist ?

                  [ Shallalist_adv ] Reload . completed ..
                  Whitelist: ads.google.com|adservices.google.com|adwords.google.com|adwords.google.nl|an.yandex.ru|awaps.yandex.ru|az.yandex.ru|bs.yandex.ru|direct.yandex.ru|

                  Orig. Unique # Dups # White # TOP1M Final

                  9929 9929 1 9 0 9919

                  [ Shallalist_tracker ] Reload [ 05/04/20 22:02:12 ] . completed ..
                  Whitelist: id.google.com|id.google.de|mc.yandex.ru|yabs.yandex.ru|

                  Orig. Unique # Dups # White # TOP1M Final

                  1243 1243 87 4 0 1152

                  L 1 Reply Last reply Reply Quote 0
                  • L
                    limis @limis
                    last edited by

                    This post is deleted!
                    1 Reply Last reply Reply Quote 0
                    • L
                      limis
                      last edited by

                      noone has same issue with auto whitelisting ?

                      1 Reply Last reply Reply Quote 0
                      • J
                        jot
                        last edited by

                        Did you happen to enable the new SafeSearch redirection feature? That text says "All enabled Safe Search sites will be wildcard whitelisted to ensure that DNSBL is not blocking these Safe Search Sites" and then "At the moment it is supported by Google, Yandex, DuckDuckGo, Bing and Pixabay."

                        That's likely why you're seeing automatic whitelisting of Yandex, google, etc.

                        L 1 Reply Last reply Reply Quote 0
                        • L
                          limis @jot
                          last edited by

                          @jot thanks for the info. You are right. Though I do not understand why to force whitelist google and yandex subdomains which are used for ads - ads.google.com|adservices.google.com. I just can not block ads if I enable safesearch option

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.