www. not being blocked from custom blacklist



  • I'm having a similar problem as Re: www. not blocked?
    However, my problem was not resolved with a reboot.
    I am running pfBlockerNG-dev and using the stock "getting started" setup.
    I have added a custom blacklist with these domains in it

    youtube.com
    .youtube.com
    www.youtube.com
    m.youtube.com
    youtubei.googleapis.com
    youtube.googleapis.com
    www.youtube-nocookie.com
    youtube-ui.l.google.com # CNAME for (youtube.com)
    i.ytimg.com
    googlevideo.com
    .googlevideo.com
    www.googlevideo.com
    r3---sn-cvh76nez.googlevideo.com
    

    I get the normal blockpage when I access https://youtube.com. But when I go to https://www.youtube.com it loads the page as normal.

    When I run nslookup I get these results

    C:\WINDOWS\system32>nslookup youtube.com
    Server:  UnKnown
    Address:  192.168.20.1
    
    Name:    youtube.com
    Address:  10.10.99.1
    
    
    C:\WINDOWS\system32>nslookup www.youtube.com
    Server:  UnKnown
    Address:  192.168.20.1
    
    Name:    www.youtube.com
    Address:  216.239.38.119
    
    
    C:\WINDOWS\system32>nslookup www.youtube.com
    Server:  UnKnown
    Address:  192.168.20.1
    
    Name:    www.youtube.com
    Addresses:  216.239.38.119
              10.10.99.1
    

    I am not sure why it doesn't resolve directly to 10.10.99.1 and then it does seem to pick it up but still has the original IP in the response.

    I have run update - reload multiple times and rebooted to no avail - also ran ipconfig /flushdns on the machine I am testing from.

    Any help would be greatly appreciated.
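
Added example, not part of the original thread: a small parser that classifies each lookup in a Windows `nslookup` transcript as sinkholed, not blocked, or mixed, relative to the DNSBL address `10.10.99.1` seen in the post above. The function names and verdict labels are assumptions made for this illustration, and the sample input is the post's own output with blank lines dropped.

```python
import ipaddress

SINKHOLE_VIP = "10.10.99.1"  # DNSBL address the blocked lookup returned in the post
# Constructed sample: the three nslookup runs from the post, blank lines dropped.
SAMPLE = r"""
C:\WINDOWS\system32>nslookup youtube.com
Server:  UnKnown
Address:  192.168.20.1
Name:    youtube.com
Address:  10.10.99.1
C:\WINDOWS\system32>nslookup www.youtube.com
Server:  UnKnown
Address:  192.168.20.1
Name:    www.youtube.com
Address:  216.239.38.119
C:\WINDOWS\system32>nslookup www.youtube.com
Server:  UnKnown
Address:  192.168.20.1
Name:    www.youtube.com
Addresses:  216.239.38.119
          10.10.99.1
"""

def _ip(text):
    try:
        return str(ipaddress.ip_address(text.strip()))
    except ValueError:
        return None  # not an address (prompt line, label, blank)

def classify(transcript, sinkhole=SINKHOLE_VIP):
    """Return (name, answers, verdict) for each lookup in the transcript."""
    records, in_answer = [], False
    for line in transcript.splitlines():
        key, _, value = (p.strip() for p in line.partition(":"))
        if key == "Server":
            in_answer = False  # the Address that follows is the resolver itself
        elif key == "Name":
            records.append((value, []))
            in_answer = True
        elif in_answer:  # Address/Addresses value, or an indented continuation
            ip = _ip(value if key in ("Address", "Addresses") else line)
            if ip:
                records[-1][1].append(ip)
    def verdict(answers):
        hits = [a == sinkhole for a in answers]
        return "sinkholed" if hits and all(hits) else "mixed" if any(hits) else "not blocked"
    return [(name, answers, verdict(answers)) for name, answers in records]

if __name__ == "__main__":
    print(*classify(SAMPLE), sep="\n")
```

A "mixed" verdict means the response still hands the client a real address alongside the sinkhole address.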



  • @andy_vdg Checking the TLD box will fix your issue...see image...be sure to have sufficient RAM. Also, be sure your pfSense is the only source doing DNS.




  • @NollipfSense
    Thanks for the reply. I did try that but with 4GB of RAM on my firewall it didn't work well at all. Unbound would start and immediately crash. I turned it off again and just added all variants to the blocklist.

    So with these added:
    youtube.com
    .youtube.com
    www.youtube.com
    Why can I still access www.youtube.com? I am really stumped by this one.



  • @andy_vdg Are you sure it's not your browser expecting https:// www.youtube.com? I would add it like that just to see what happens!

