www. not being blocked from custom blacklist

pfBlockerNG
Log in to reply
  • A

    I'm having a similar problem as Re: www. not blocked?
    However, my problem was not resolved with a reboot.
    I am running pfBlockerNG-dev and using the stock "getting started" setup.
    17e49dc5-753b-486a-9cd8-3b80a209a580-image.png
    I have added a custom blacklist with these domains in it

    youtube.com
.youtube.com
www.youtube.com
m.youtube.com
youtubei.googleapis.com
youtube.googleapis.com
www.youtube-nocookie.com
youtube-ui.l.google.com # CNAME for (youtube.com)
i.ytimg.com
googlevideo.com
.googlevideo.com
www.googlevideo.com
r3---sn-cvh76nez.googlevideo.com

    I get the normal blockpage when I access https://youtube.com. But when I go to https://www.youtube.com it loads the page as normal.

    When I run nslookup I get these results

    C:\WINDOWS\system32>nslookup youtube.com
Server:  UnKnown
Address:  192.168.20.1

Name:    youtube.com
Address:  10.10.99.1


C:\WINDOWS\system32>nslookup www.youtube.com
Server:  UnKnown
Address:  192.168.20.1

Name:    www.youtube.com
Address:  216.239.38.119


C:\WINDOWS\system32>nslookup www.youtube.com
Server:  UnKnown
Address:  192.168.20.1

Name:    www.youtube.com
Addresses:  216.239.38.119
          10.10.99.1

    I am not sure why it doesn't resolve directly to 10.10.99.1 and then it does seem to pick it up but still has the original IP in the response.

    I have run update - reload multiple times and rebooted to no avail - also ran ipconfig /flushdns on the machine I am testing from.

    Any help would be greatly appreciated.

    NollipfSense 1 Reply 0
  • NollipfSense

    @andy_vdg Checking the TLD box will fix your issue...see image...be sure to have sufficient RAM. Also, be sure your pfSense is the only source doing DNS.

    Screen Shot 2020-02-01 at 12.47.58 PM.png

    A 1 Reply 0
  • A

    @NollipfSense
    Thanks for the reply. I did try that but with 4GB of RAM on my firewall it didn't work well at all. Unbound would start and immediately crash. I turned it off again and just added all variants to the blocklist.

    So with these added:
    youtube.com
    .youtube.com
    www.youtube.com
    Why can I still access www.youtube.com? I am really stumped by this one.

    NollipfSense 1 Reply 0
  • NollipfSense

    @andy_vdg Are you sure it's not your browser expecting https:// www.youtube.com? I would add it like that just to see what happens!

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy