4. pfblockerNG blocking some web on bypass IPs

pfblockerNG blocking some web on bypass IPs

  • S

    Hello,

    I've added some IPs in DNS resolver config file to bypass for pfblockerNG .

    server:
    access-control-view: 192.168.10.2/32  bypass
    access-control-view: 192.168.10.203/32 bypass
    access-control-view: 192.168.10.0/24 dnsbl
    
view:
    name: "bypass"
    view-first: yes
view:
    name: "dnsbl"
    view-first: yes
include: /var/unbound/pfb_dnsbl.*conf

    site are such are account.live.com , mega.nz . List containing the entire subnet DNSBLIPv4 . Question is bypass ips should not be effected via pfblockerng list.

    Any idea what could be the issue of this abnormal behaviour.

    Regards

    0

  • Any idea what could be the issue of this abnormal behaviour.

    pfBlcokerNG enters

    8d8fb3df-7682-45cf-be0c-02ffd460ce7d-image.png

    and then some one broke(the format) it ;)

    Start here : https://forum.netgate.com/topic/129365/bypassing-dnsbl-for-specific-ips/60

    0
  • S

    I've done following changes

    server:
    access-control-view: 192.168.10.2/32  bypass
    access-control-view: 192.168.10.203/32 bypass
    access-control-view: 192.168.10.0/24 dnsbl
   include: /var/unbound/pfb_dnsbl.*conf
    
view:
    name: "bypass"
    view-first: yes
view:
    name: "dnsbl"
    view-first: yes

    Now testing it again . Hope this config will work out.

    Regards

    0
    S
     1 Reply
  • S

    @scorpoin said in pfblockerNG blocking some web on bypass IPs:

    I've done following changes

    server:
    access-control-view: 192.168.10.2/32  bypass
    access-control-view: 192.168.10.203/32 bypass
    access-control-view: 192.168.10.0/24 dnsbl
   include: /var/unbound/pfb_dnsbl.*conf
    
view:
    name: "bypass"
    view-first: yes
view:
    name: "dnsbl"
    view-first: yes

    Now testing it again . Hope this config will work out.

    Regards

    above configuration did not help , it does not bypass those IPs which I've added not to be blocked. Strange thing is below configuration is working fine.

    server:
    access-control-view: 192.168.10.2/32  bypass
    access-control-view: 192.168.10.203/32 bypass
    access-control-view: 192.168.10.0/24 dnsbl
 
    
view:
    name: "bypass"
    view-first: yes
view:
    name: "dnsbl"
    view-first: yes
  include: /var/unbound/pfb_dnsbl.*conf

    If that is wrong format then how the hell it is working ?

    Regards

    0

  • @scorpoin :

    With checking the 'manual', a certain pattern can be observed :

    First, in the server part, 'groups' or 'classes' are defined : called 'bypass' and 'dnsbl'. They have a 'network(s).
    Then for each group or view (network), option are listed.
    One of them - called 'dnsbl' includes our pfb_dnsbl file.

    Note : I guess we can have the "views" called 'limited' or 'restricted' or whatever.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy