Netgate Discussion Forum

    Updating to pfBlockerNG-devel 3.1.0_1 from 3.1.0 blocks DNS requests

    • T
      TheLastUnicorn
      last edited by

      Hello all,

      yesterday I updated my pfBlockerNG-devel installation from version 3.1.0 to 3.1.0_1. Unfortunately I had to recognize that afterwards all DNS requests out of my network will fail. My environment is a bit special. I am using several VLANs on a Cisco SG300-28 L3 switch, which is also doing hardware routing between them. My pfsense installation is responsible for internet access and DNS. I have configured DNS over TLS using port 853 for any DNS request, redirecting any port 53 request.

      I still haven't figured out what the problem is. DNS Lookup on pfsense still works fine. Connecting to any server using the IP address works fine as well. However all DNS requests out of my VLANs do fail. Does anybody have an idea what is going wrong?

      Thanks in advance!

      Cheers
      Volker

      • GertjanG
        Gertjan @TheLastUnicorn
        last edited by

        @thelastunicorn said in Updating to pfBlockerNG-devel 3.1.0_1 from 3.1.0 blocks DNS requests:

        pfBlockerNG-devel installation from version 3.1.0 to 3.1.0_1. Unfortunately I had to recognize that afterwards all DNS requests out of my network will fail

        Known.
        See, for example, this thread - just one lower than yours : pfBlockerNG-Devel v3.1.0_1 is up.
        Just restart the DNS resolver, as it was stopped during the update.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        • T
          TheLastUnicorn @Gertjan
          last edited by

          @Gertjan

          Hello Gertjan,
          I know about that issue and I restarted the DNS resolver. However it didn't work. DNS requests out of the network are still blocked.

          I guess one of the active DNSBL feeds contains an address I am using within my network (e.g. 10.10.10.1, 127.0.0.1, 172.16.0.1 are on the Spam-RBL.fr list) which results in DNS blockings.

          Cheers
          Volker

          • GertjanG
            Gertjan @TheLastUnicorn
            last edited by

            @thelastunicorn said in Updating to pfBlockerNG-devel 3.1.0_1 from 3.1.0 blocks DNS requests:

            I guess one of the active DNSBL feeds contains an address I am using within my network (e.g. 10.10.10.1, 127.0.0.1, 172.16.0.1 are on the Spam-RBL.fr list) which results in DNS blockings.

            You've said it. Stop using this "Spam-RBL.fr" feed and you'll be fine.

            Btw : the "3.1.0" to "3.1.0_1" upgrade includes minor changes, not ones that 'break' your setup. You would have seen this forum flooded with messages if that was the case.

            @thelastunicorn said in Updating to pfBlockerNG-devel 3.1.0_1 from 3.1.0 blocks DNS requests:

            DNS requests out of the network are still blocked

            Because you use pfBlockerNG, you can also see why things are blocked. This means you can do something about it if needed.

            • T
              TheLastUnicorn @Gertjan
              last edited by

              @Gertjan

              That's true, however I am not sure whether Spam-RBL.fr list is activated during pfBlockerNG-devel default installation. I probably have to deactivate all feeds at first, activating one by another to find the right one ...

              Cheers
              Volker

              • GertjanG
                Gertjan @TheLastUnicorn
                last edited by

                @thelastunicorn
                When you install pfBlockerNG-devel it does .... nothing, except occupying some disk space.
                Things start when you add feeds .... and activate options.

                @thelastunicorn said in Updating to pfBlockerNG-devel 3.1.0_1 from 3.1.0 blocks DNS requests:

                activating one by another to find the right one

                feeds are files, downloaded from 'some place'.

                Example :
                An IPv4 feeds containing IPv4 :
                You see the URL ? Use it !!

                Ctrl-A the feed, Ctrl-C it, and Ctrl-V it on a browser tab.
                As you can see, It's just a file.
                Ctrl-F to find, for example, anything that is a RFC1918 and should not be in there.

                • Cool_CoronaC
                  Cool_Corona
                  last edited by

                  Wouldn't it be a lot smoother if you could search for an IP directly in PfBlocker and it will show the lists that are blocking it?

                  Right now it seems reversed....

                  GertjanG P 2 Replies Last reply Reply Quote 0
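The manual check described above (open the feed file and look for RFC 1918 entries) and the reverse lookup asked for here (which lists contain a given IP), as an added example that is not part of the thread and is not pfBlockerNG code. It assumes plain-text feeds with one IPv4 address or CIDR per line and `#` comments; the feed names and contents are constructed.

```python
import ipaddress

# Ranges that should never appear in a block list applied to a LAN.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                  # loopback, link-local
)]

def parse_feed(text):
    """Yield (line_no, network) for each IPv4 address or CIDR in a feed."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        token = entry.split()[0]
        try:
            net = ipaddress.ip_network(token, strict=False)
        except ValueError:
            continue  # hostnames and malformed lines are not IP entries
        if net.version == 4:
            yield line_no, net

def local_entries(feeds):
    """Return [(feed, line_no, entry)] for entries overlapping LOCAL_NETS."""
    hits = []
    for name, text in feeds.items():
        for line_no, net in parse_feed(text):
            # overlaps() also catches broad CIDRs that swallow local space
            if any(net.overlaps(local) for local in LOCAL_NETS):
                hits.append((name, line_no, str(net)))
    return hits

def feeds_listing(ip, feeds):
    """Return the names of feeds that contain `ip`, directly or via a CIDR."""
    addr = ipaddress.ip_address(ip)
    return sorted(name for name, text in feeds.items()
                  if any(addr in net for _, net in parse_feed(text)))

# Constructed sample feeds (not real feed contents); names are hypothetical.
SAMPLE_FEEDS = {
    "feed_a.txt": "# constructed sample\n198.51.100.7\n10.10.10.1\n127.0.0.1 ; note\n172.16.0.1\n",
    "feed_b.txt": "203.0.113.0/24\n192.0.2.55 # comment\nexample.invalid\n",
    "feed_c.txt": "0.0.0.0/0\n",
}

if __name__ == "__main__":
    for feed, line_no, entry in local_entries(SAMPLE_FEEDS):
        print(f"{feed}:{line_no}: {entry} covers local address space")
    print(feeds_listing("10.10.10.1", SAMPLE_FEEDS))
```

Running it against saved copies of the enabled feeds before applying them shows both the offending entries and which feed to disable or whitelist around.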
                  • GertjanG
                    Gertjan @Cool_Corona
                    last edited by

                    @cool_corona

                    👍

                    I have the impression that pfblockerng was written by people who wouldn't include 'settings' from 'elsewhere' without inspecting them upfront.
                    If a needed IP was included, a "whitelist click" would deal with it.

                    Now we reached 2022. I've already seen posts about feeds that have their own IP in the list ... so when you include the feed, and then, on subsequent updates, pfblockerng complains it can't download it any more.
                    That's a ROFL situation.

                    • Cool_CoronaC
                      Cool_Corona @Gertjan
                      last edited by

                      @gertjan It's way beyond ROFL.... 👏 🙄

                      • P
                        ProperCactus Rebel Alliance @Cool_Corona
                        last edited by

                        @gertjan said in Updating to pfBlockerNG-devel 3.1.0_1 from 3.1.0 blocks DNS requests:

                        I've already seen posts about feeds that have their own IP in the list

                        Yep, I had this happen. All of a sudden I got notifications that lists couldn't be updated; it's because the lists were blocked by other lists lol.

                        And now pfBlockerNG doesn't even log IP addresses that it blocks for me. I think the developer has pretty much given up on the project.

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.