DNS Blacklist, New Package! Check it out.
-
Hi,
I am new to PfSense, I tried using DNS Blacklist and tried to block, Adult Porn and Online Gaming but I beleive it blocks all sites, if I try accessing any site it redirects to Google. For eg I tried indiatimes.com; yahoo.co; rediff.com and our Company website but it all gets redirected to Google, not sure if I am going wrong somewhere or do I need to work on the scripts.I have the same issue.
-
Hi,
I am new to PfSense, I tried using DNS Blacklist and tried to block, Adult Porn and Online Gaming but I beleive it blocks all sites, if I try accessing any site it redirects to Google. For eg I tried indiatimes.com; yahoo.co; rediff.com and our Company website but it all gets redirected to Google, not sure if I am going wrong somewhere or do I need to work on the scripts.I have the same issue.
I also have the same issue and even if I uninstall the dns blacklist the DNS redirector is jacked up now and no dns redirection works.
-
Am I missing something or is this like running Squid and Squidguard? And if so, why at the beginning of the thread did the developers make reference to DNS Blacklist (eventually) running in conjunction with a proxy server? Seems like DNS Blacklist is a great idea for those who don't employ proxy servers and redundant to those who do (along with Squidguard).
Please…show me the error in my thinking.
-
I agre, what is the difference with Squid-Squid guard
I have good squit guard setup should i consider this instead
What are the advantaged or disadvantagesThank you!
-
The DNS Blacklist is what its name implies. Its a DNS Domain name black list. Domains that are on the list are detoured to an alternate address in this way it blocks the website. Simple concept effective and doesn't require a proxy. To be completely effective you need to block other DNS Servers.
-
did any one ask? Ive heard of pay services providing free services to projects like this.
-
Hi,
is there a possibility that the DNS Blacklist is valid only for some clients in the network?
What i mean is: Can i set permissions within the DNS Blacklist for some clients.And thank you for your work on this package!
-
Wow… i've tried this.. unbelivble...it's simple. Thanksss Guys....it's really2 work .. \m/
-
This is a great package, using it very well great work!
I do have 1 issue. When i turn on Adult option, it starts blocking sites that aren't even in the blacklist (specifically all of my personal domains). limesg.com, and naveoss.com. I did a grep in the blacklist directory and on the original sites blacklist files and my domains are not in any list. Any advice?
-
Any news of this???
-
Just to chime in a bit:
- Great package. Anything to help with granular site-blocking is a win to me.
- Wondering if perhaps the option to add this list http://www.mvps.org/winhelp2002/hosts.txt might be possible ? …GREAT list to use if you're serious about ad-blocking.
- for anyone having trouble with the blacklist opening a page that you think should be blocked, you might have to clear your DNS cache - from the Windows command line: ipconfig /flushdns
-
DigitalJer the list you linked to seems to be free to use and I like the idea of an ad block category so I will add it as time permits. Main problem with granular control is some of these lists are very large so large we can't just display them in a textarea without killing the browser I've been thinking about a way to page through the list of domains.
-
@mcrane:
… the list you linked to seems to be free to use and I like the idea of an ad block category so I will add it as time permits.
Sweet! tyvm - looking forward to it :)
-
I really like the package. Thank you.
-
@DigitalJer
i've been using MVPS hosts file for years too :) i've installed pfsense yesterday and i'm trying new stuff currently :) i just included the MVPS list (domains only) to the "/usr/local/www/packages/dnsblacklist/blacklists/ads/domains" file and it works fine.furthermore i've changed redirection to localhost/127.0.0.1 in dnsblacklist.php because i really don't like sending any information more than necessary to google :)
is it also possible to use pfsense's /etc/hosts file for blocking those domains? i guess it wouldn't eat that much memory (correct me if i'm wrong) because dnsmasq simply looks up the /etc/hosts file and sees the localhost redirection entries and forwards that to the client instead of holding everything in memory (which is limited on my alix board).
i'm new to pfsense and simple editing /etc/hosts didn't work because something always overwrites the file (i guess it is the "Register DHCP leases in DNS forwarder" setting).
[edit]
just found /etc/inc/system.inc and changed function system_hosts_generate() to append my host list to /etc/hosts :) skipping DNS blacklist package.
[/edit] -
@0x00:
@DigitalJer
i've been using MVPS hosts file for years too :)Yeah, it's maintained sooo well :)
I take it you've been using it with a Linksys WRT or something? Tomato / DD-WRT? That's how I found it.
@0x00:
i've installed pfsense yesterday and i'm trying new stuff currently :) i just included the MVPS list (domains only) to the "/usr/local/www/packages/dnsblacklist/blacklists/ads/domains" file and it works fine.
…so you added it to pfsense manually, and it works? I haven't had a chance to try it out yet :(
-
I take it you've been using it with a Linksys WRT or something? Tomato / DD-WRT? That's how I found it.
no, i've been using it locally only. i've recently upgraded my firewall laptop to an alix board and now installed pfsense instead of smoothwall. i never bothered to install the hosts file on smoothwall :)
…so you added it to pfsense manually, and it works? I haven't had a chance to try it out yet :(
yes, it works fine. before hacking the /etc/hosts file (which doesn't seem to bring many memory advantages in comparison to the blacklist package, i guess i have to test this more when i got time) i just adjusted the MVPS hosts file like this with vi:
- removed all lines with comments (#)
- removed every "127.0.0.1 " (including spaces) string
the remaining lines in the file are then just the domain names you want to block. i added this file to the ads blacklist as mentioned in my previous post (and did a sort/uniq). afterwards the webGUI of pfsense shows me ~15400 domains for the "ads" category instead of something like 700 domains.
-
question, i been reading and keeping up with the progress and I have to say the current DNS black list thing I use just kicks butt, is this the same thing or is this going to be different? also if this is the same (even if its not) is there any future plans to have the ability to white list sites that are on the black listed DNS (IE I black list porn and other adult sites, but a car forum gets blocked also) is there going or at least planned for the future a way to still black list adult sites but have a way to allow (white list?) certain sites like Nissanclub[dot]com or gaming clan sites? by either the IP and/or site address?? and (not sure how possible this could be) to set it up so only certain computers on the local network can access the white listed sites with out allowing every computer to access it?
Not sure if this makes sense, if needed I can try to explain it better…
-
Wow, haven't been around for a while so I dunno what updates mcrane made, but any of you whom I've not personally spoke with should note. I made many plans to add many new features, I re-did the web interface, and made a few php scripting fixes, added a whitelist, etc…. But the problem I had came down to the fact that mcrane did not want to use my blacklist in the package.
I started this package to help you guys, but in the end, it came down to what mcrane wanted since I couldn't submit the package myself, and if I didn't do it his way, he wouldn't submit it either, so we were limited to using an old, smaller, cheaper blacklist.
I have an entirely new package ready to go, with everything I wanted in the newest release, but it still comes down to the fact that the lists I gathered and spent MANY days sorting into categories from many various websites, just can't be used because 2 of the lists are not FREE, even though all of the URLs in the list can be gathered by anyone, or duplicated by anyone, the work/time that the seller of the two lists is what costs money, and even if I buy just one copy for myself, distributing it to everyone on here would be against the TOS from the sellers of the catagorized lists.
In the end, I gave up, I told mcrane the project is his, and to do what he wants. There is no point in me doing something like this, and having less than 50% control of it.
Sorry, but that is how it is.
-
That sucks like hell!!!
To be honest…......
Wow, haven't been around for a while so I dunno what updates mcrane made, but any of you whom I've not personally spoke with should note. I made many plans to add many new features, I re-did the web interface, and made a few php scripting fixes, added a whitelist, etc…. But the problem I had came down to the fact that mcrane did not want to use my blacklist in the package.
I started this package to help you guys, but in the end, it came down to what mcrane wanted since I couldn't submit the package myself, and if I didn't do it his way, he wouldn't submit it either, so we were limited to using an old, smaller, cheaper blacklist.
I have an entirely new package ready to go, with everything I wanted in the newest release, but it still comes down to the fact that the lists I gathered and spent MANY days sorting into categories from many various websites, just can't be used because 2 of the lists are not FREE, even though all of the URLs in the list can be gathered by anyone, or duplicated by anyone, the work/time that the seller of the two lists is what costs money, and even if I buy just one copy for myself, distributing it to everyone on here would be against the TOS from the sellers of the catagorized lists.
In the end, I gave up, I told mcrane the project is his, and to do what he wants. There is no point in me doing something like this, and having less than 50% control of it.
Sorry, but that is how it is.
