Netgate Discussion Forum

Converting FQDN to IP in custom blocklist

    paulatz
    last edited by Jul 20, 2023, 8:25 AM

    Hello,
    I have a custom blocklist where I put the phishing attempts toward my organisation as soon as I can. The list is hosted somewhere and contains a list of FQDNs. However, in order to protect all those who use DNS via HTTPS and similar, I want to convert the names to IPs, which I can do with a dig command:

    #!/bin/sh
    # $1 = file with one FQDN per line; keep only the dig output lines that contain an IPv4 address
    dig +recurse +short @8.8.8.8 -4 -f "$1" | grep -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'
    

    I put this command in /usr/local/pkg/pfblockerng/ip_post_name_to_ip.sh and, as far as I can see, it works as expected, i.e. it gets two arguments as input. The first is the name of the downloaded file:

    /var/db/pfblockerng/original/FEEDNAME_v4.orig
    

    The second is "_v4". The script reads the list of FQDNs from the file and converts them to IPs.

    The problem is that I do not know where to put the output. If I pipe it to standard output, it is printed in the log but does nothing. If I save it to the list location, /var/db/pfblockerng/deny/FEEDNAME_v4.txt, it would work, but only if any other subscription has changed. Otherwise, pfblocker does not detect that the list of IPs has changed, does not update the aliases and does not reload the firewall rules. I see that some lists of IPs are saved directly as /var/db/pfblockerng/FEEDNAME.txt, but that also does nothing.

    I guess there must be some intermediate temporary file that must be created, but I cannot guess its name as I was not able to find any script example. If you can provide a pointer, I would be grateful.

    Thank you

      paulatz @paulatz
      last edited by Jul 24, 2023, 8:18 AM

      I found a way to do this using a "pre" script which fetches the file itself; a "post" script example would still be welcome.

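An added example, not part of the original thread: the `grep` in the first post keeps any line that merely contains something IPv4-shaped, and the A records behind a phishing name are whatever its owner publishes, so a stricter filter validates each address, removes duplicates, and drops private, loopback and other non-routable ranges before they reach a deny list. The function names `filter_ipv4` and `sample_dig_output` are hypothetical and the sample lines are constructed; nothing here assumes where pfBlockerNG expects the output to be written.

```shell
#!/bin/sh
# Added example, not from the original thread.
# filter_ipv4 and sample_dig_output are hypothetical names.

# Read `dig +short` output on stdin; print each valid, publicly
# routable IPv4 address once, in first-seen order.
filter_ipv4() {
    awk -F. '
        NF != 4 { next }    # lines without exactly four dot-separated fields
        {
            # CNAME targets such as "a.b.c." also have four fields; reject non-octets
            for (i = 1; i <= 4; i++)
                if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i + 0 > 255) next
            a = $1 + 0; b = $2 + 0
            # Ranges that should never land in a deny list
            if (a == 0 || a == 10 || a == 127 || a >= 224) next  # this-net, RFC 1918, loopback, multicast/reserved
            if (a == 100 && b >= 64 && b <= 127) next             # CGNAT 100.64.0.0/10
            if (a == 169 && b == 254) next                        # link-local
            if (a == 172 && b >= 16 && b <= 31) next              # RFC 1918
            if (a == 192 && b == 168) next                        # RFC 1918
            ip = a "." b "." ($3 + 0) "." ($4 + 0)
            if (!(ip in seen)) { seen[ip] = 1; print ip }
        }'
}

# Constructed sample of what dig +short can emit (documentation ranges).
sample_dig_output() {
    cat <<'EOF'
phish-cdn.example.net.
203.0.113.10
203.0.113.10
198.51.100.7
10.0.0.5
127.0.0.1
192.168.1.1
;; connection timed out; no servers could be reached
999.1.1.1
EOF
}

# Same dig invocation as in the post, run only when a readable list file is given.
if [ -n "${1:-}" ] && [ -r "$1" ]; then
    dig +recurse +short @8.8.8.8 -4 -f "$1" | filter_ipv4
fi
```

Run without arguments the script does nothing; `sample_dig_output | filter_ipv4` shows the filter on the constructed input.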
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.