DNS resolver began ignoring DNSBL custom list on one interface only.
First-time poster, 2.4.5-RELEASE-p1 (amd64), WAN, LAN, and IOT_dev interfaces on a four-port (all Intel) Compulab Fitlet. LAN is for computers and the like, IOT_dev is for televisions and other such trivia.
TBH I followed tutorials to get pfSense working. For several months it has been working as desired, but three days ago something happened and now, on the IOT_dev interface only, my DNSBL custom list is not resulting in blocking things. E.g. I block graph.facebook.com and until three days ago a ping to graph.facebook.com from LAN or IOT_dev would return 10.10.10.0 as the IP address. Which is what I wanted. The change now is that none of the custom list entries do this any more and DNS resolves them, but only on the IOT_dev interface, while all other rules - both DNS feeds and IP filtering - continue to be respected. It continues to work as before on the LAN interface.
I tried using the config history to revert to the conditions before the problem started and that didn’t have any effect.
Why would such a change happen on only one interface? LAN and IOT_dev are barred from communicating at all.