how to bypass pfblockerng-devel certain ip.
-
i already set up pfbloker block some website list of shallalist and stevenblack.
My problem is not working my bypass using custom options in dns solver that i saw this threads.here is my pfsense.
my dhcp is on my windows server 2008
then i want this some ip's bypass the block list website
anyone could help me. thank you.
-
You use :
so you could Bypassing DNSBL for specific IPs
Or, also possible, I did not understand :
@jenskiebee said in how to bypass pfblockerng-devel certain ip.:
My problem is not working
-
@gertjan said in how to bypass pfblockerng-devel certain ip.:
You use :
so you could Bypassing DNSBL for specific IPs
Or, also possible, I did not understand :
@jenskiebee said in how to bypass pfblockerng-devel certain ip.:
My problem is not working
Oh sorry i cant edit my post..
Yes bro, i use that pfblockerng version.
My problem is i cant bypass the dnsbl website.
Example ip of my pc unit is 192.168.1.30 i want to exclude in blocking. -
I already use the setting of Bypassing DNSBL for specific IPs.
But notworking my pc/ip still block. -
@jenskiebee said in how to bypass pfblockerng-devel certain ip.:
But notworking my pc/ip still block.
I'm using pfSense 2.5.1 with the latests pfB 3.0.0_16
I looked up a blocked domain in one of the feeds I'm using : cash_lord.com in one of the feeds I'm using.
a nslookup test for cash_lord.com showed me the domain was blocked :
0..0.0.0edit : Yes, 0.0.0.0 as I'm not trying to return 10.10.10.1 which is the default 'buiknd-in' "DNSBL Webserver" as it can't do anything if I'm redirected to https. Knowing that every site is https these days, etc etc etc. I just chose for 0.0.0.0 which does the job just fine with far less overhead.
Time for a test.
My PC uses LAN IP 192.168.1.2 and 2001:470:dead:beef:2::88
So I entered this :
I flushed my local DNS cache with
ipconfig /flushdnsand did the test again. This time it did return an IP :
Address: 154.220.169.30So, it really looks like it's working for me.
My PC, as it's on the list, isn't filtered by pfB any more.
-
@gertjan i try this setting "unbound python mode" dnsbl its working, but the other problem is when i flushed dns the other pc that i want to remain filtered by pfb same still can access again.
because some of the user/employee know simple network troubleshot like release , renew and flushdns also...
-
-
@jenskiebee said in how to bypass pfblockerng-devel certain ip.:
problem is when i flushed dns the other pc that i want to remain filtered by pfb same still can access again.
What do you mean ?
Do you know what
ipconfig /flushdnsdoes ?
And why I used this command on my PC in the example above ?
@jenskiebee said in how to bypass pfblockerng-devel certain ip.:
"unbound python mode"
This mode needs to be used to use the "Python Group Policy" function.
-
@kom said in how to bypass pfblockerng-devel certain ip.:
dead:beef
Heh
A way to obscure an IPv6 - my 2001:470:dead:beef:2::88 is local and global ;)
-
@gertjan yeahhh i used like you said.
-
Keep in mind : it's a DNSBL bypass.
IP based feeds will still block, as these are just huge aliases used in firewall rules.See also here and here.
It's still in the
phase of developing.