DNS Blacklist, New Package! Check it out.
-
@0x00:
@DigitalJer
i've been using MVPS hosts file for years too :)Yeah, it's maintained sooo well :)
I take it you've been using it with a Linksys WRT or something? Tomato / DD-WRT? That's how I found it.
@0x00:
i've installed pfsense yesterday and i'm trying new stuff currently :) i just included the MVPS list (domains only) to the "/usr/local/www/packages/dnsblacklist/blacklists/ads/domains" file and it works fine.
…so you added it to pfsense manually, and it works? I haven't had a chance to try it out yet :(
-
I take it you've been using it with a Linksys WRT or something? Tomato / DD-WRT? That's how I found it.
no, i've been using it locally only. i've recently upgraded my firewall laptop to an alix board and now installed pfsense instead of smoothwall. i never bothered to install the hosts file on smoothwall :)
…so you added it to pfsense manually, and it works? I haven't had a chance to try it out yet :(
yes, it works fine. before hacking the /etc/hosts file (which doesn't seem to bring many memory advantages in comparison to the blacklist package, i guess i have to test this more when i got time) i just adjusted the MVPS hosts file like this with vi:
- removed all lines with comments (#)
- removed every "127.0.0.1 " (including spaces) string
the remaining lines in the file are then just the domain names you want to block. i added this file to the ads blacklist as mentioned in my previous post (and did a sort/uniq). afterwards the webGUI of pfsense shows me ~15400 domains for the "ads" category instead of something like 700 domains.
-
question, i been reading and keeping up with the progress and I have to say the current DNS black list thing I use just kicks butt, is this the same thing or is this going to be different? also if this is the same (even if its not) is there any future plans to have the ability to white list sites that are on the black listed DNS (IE I black list porn and other adult sites, but a car forum gets blocked also) is there going or at least planned for the future a way to still black list adult sites but have a way to allow (white list?) certain sites like Nissanclub[dot]com or gaming clan sites? by either the IP and/or site address?? and (not sure how possible this could be) to set it up so only certain computers on the local network can access the white listed sites with out allowing every computer to access it?
Not sure if this makes sense, if needed I can try to explain it better…
-
Wow, haven't been around for a while so I dunno what updates mcrane made, but any of you whom I've not personally spoke with should note. I made many plans to add many new features, I re-did the web interface, and made a few php scripting fixes, added a whitelist, etc…. But the problem I had came down to the fact that mcrane did not want to use my blacklist in the package.
I started this package to help you guys, but in the end, it came down to what mcrane wanted since I couldn't submit the package myself, and if I didn't do it his way, he wouldn't submit it either, so we were limited to using an old, smaller, cheaper blacklist.
I have an entirely new package ready to go, with everything I wanted in the newest release, but it still comes down to the fact that the lists I gathered and spent MANY days sorting into categories from many various websites, just can't be used because 2 of the lists are not FREE, even though all of the URLs in the list can be gathered by anyone, or duplicated by anyone, the work/time that the seller of the two lists is what costs money, and even if I buy just one copy for myself, distributing it to everyone on here would be against the TOS from the sellers of the catagorized lists.
In the end, I gave up, I told mcrane the project is his, and to do what he wants. There is no point in me doing something like this, and having less than 50% control of it.
Sorry, but that is how it is.
-
That sucks like hell!!!
To be honest…......
Wow, haven't been around for a while so I dunno what updates mcrane made, but any of you whom I've not personally spoke with should note. I made many plans to add many new features, I re-did the web interface, and made a few php scripting fixes, added a whitelist, etc…. But the problem I had came down to the fact that mcrane did not want to use my blacklist in the package.
I started this package to help you guys, but in the end, it came down to what mcrane wanted since I couldn't submit the package myself, and if I didn't do it his way, he wouldn't submit it either, so we were limited to using an old, smaller, cheaper blacklist.
I have an entirely new package ready to go, with everything I wanted in the newest release, but it still comes down to the fact that the lists I gathered and spent MANY days sorting into categories from many various websites, just can't be used because 2 of the lists are not FREE, even though all of the URLs in the list can be gathered by anyone, or duplicated by anyone, the work/time that the seller of the two lists is what costs money, and even if I buy just one copy for myself, distributing it to everyone on here would be against the TOS from the sellers of the catagorized lists.
In the end, I gave up, I told mcrane the project is his, and to do what he wants. There is no point in me doing something like this, and having less than 50% control of it.
Sorry, but that is how it is.
-
xa0z has not contacted me within the last month or even longer and asked me to commit a new version of this package.
I spent many days (about a week) helping xa0z get started with PHP code specific to this package. I coached him through nearly every detail and wrote much of it myself to save time. When it came down to the list I discovered that the company or individual that the original list came from had placed restrictions on the distribution of the list. So a free list without restriction was found and used instead. As a developer that makes a living writing code I respect intellectual property, licensing, and to me that includes large DNS blacklists where the creator of the list puts some type of license on it.
xa0z disagrees with me on the restrictions that was placed by the creator of the blacklist. We are at an impasse on this issue.
I like the idea of the DNS black list package it was an idea I planned on writing before I ever talked to xa0z. I haven't done any updates because xa0z has claimed it and still does as far as I know. I came up with the name of the package xa0z wanted to use a different name. I wished I would have put it under the name he had come up with then I would have created a new package called DNS Blacklist and we would have forked the blacklists by now. This is still an option that is perfectly fine with me.
P.S. I'm not the only developer with commit access enough effort and some asking around and you can find someone to commit updates or become a commiter for yourself.
-
In the end, I gave up, I told mcrane the project is his, and to do what he wants. There is no point in me doing something like this, and having less than 50% control of it.
This is news to me. I don't remember you saying the project is mine. It has sat in limbo as I assumed that you were still claiming it.
-
@mcrane:
In the end, I gave up, I told mcrane the project is his, and to do what he wants. There is no point in me doing something like this, and having less than 50% control of it.
This is news to me. I don't remember you saying the project is mine. It has sat in limbo as I assumed that you were still claiming it.
Now that the project is yours, you can hook it up ;) (Hell, I don't care who owns it, as long as its awesomeness increases)
-
heck if I knew code I would be happy to try and learn to help you out, I just love the DNS black list thing and I would love to see this turn to pure awsomeness…even if I need learn how to code and all that...I really think this has great potential and a great added value too...I really hate seeing something that has really great potential just die...heck if needed lets think of a new name for it?...
Hope to see this or some type of black list happen...
-
Exactly! Add the Country IP blacklist feature and very many admins would see it like christmas!!
-
Oh???
That is total b/s mcrane and you know it. When I first started working on the project, I had made the entire GUI myself, and had HALF of the code done myself. I came to you asking for help when I was having problems with the CHECKBOXES for the categories. When we talked, you told me it was a great idea to work with and you wanted to help me. After I submitted what I had to you, you then changed how I had originally started the listing of the categories, and the checkboxes for the JS/Post/Action because you said it would be better, faster, etc. I had already come up with a name which included "dns blacklist" and you suggested to just make it "dns blacklist".
And I had spoke with you on IRC last month about everything I had done and you said you didn't have time for the project with you working on the new PBX version. I then said that you can just keep it and do what you want with it since the issue with the blacklist was still at hand and that I couldn't commit it myself, and didn't know anyone else who could help me. I don't care much anymore for the project, and everyone knows it was all mine in the beginning and that you helped me get it going because I was lost without your help, and I admit it.
Don't make it out to be something it isn't, or wasn't. I also did take much time to gather blacklists from all over the web and compile them together into a single package to use with the DNS Blacklist package. Then, I also made sure to mix up each categories source file so that in no way could they ever be seen as a duplicate/clone/copy of anyone elses, since you originally told me that they source files could not replicate someone elses, but then after I did that, you still said we couldn't use the one I made because that one site might still have the same IP/Host as my compiled lists, which would break the agreement with the other company's list usage. Then again, the list being used now contains over 5000 hosts so far that I've counted that are within that list from the other company, that is charged for. Therefor you are going against your own word.
None the less, I don't care. I can release the package I have on here and everyone who has DNS Blacklist installed can just extract my tarball into their /packages/dnsblacklist directory, and move the blacklist database, but I dunno if I want to do that now, there is no point because you're out to make it all about you because I asked for your help with some of the project.
-
Oh, I forgot one thing, you made the download/installer part of the package since I didn't know how and you said you would rather do it than show me where to learn about it.
-
Oh, I forgot one thing, you made the download/installer part of the package since I didn't know how and you said you would rather do it than show me where to learn about it.
That would've have taken a long time to explain in detail. Time which I didn't have to spend.
-
It would be good to fork this package that way you can do whatever you want on your package and that would end this dispute. You can use your original name or the current name and I will find a different one. Don't blame lack of commit access on me you can get it if you want it enough. You can either do a little work and find someone to help you commit or spend some time and get commit access and learn how to do it for yourself. Talk to Chris about commit access if you want it his username cmb.
I did that, you still said we couldn't use the one I made because that one site might still have the same IP/Host as my compiled lists, which would break the agreement with the other company's list usage. Then again, the list being used now contains over 5000 hosts so far that I've counted that are within that list from the other company, that is charged for. Therefor you are going against your own word.
If an author writes a book the author doesn't own the words used in the book but rather holds copyright to the order they are placed in the book. Blacklists would definitely have domains that are in other lists those domains are not owned by the blacklist. The owner simply holds copyright to domains in the order they placed them in the their blacklist. Taking domains from a paid list and simply putting them in a different order seems un-ethical to me. Gathering free lists and adding your own domains you found to the list would be perfectly fine even if they contained domains from other non free lists.
-
Hmm another option for the blacklist would be to make it possible for the user to upload the blacklist or provide instructions to pull an alternative blacklist using fetch and extract the list to the correct directory.
-
After talking to mcrane, I have decided to update the DNS Blacklist User Interface only. I will NOT supply any blacklist databases in my update, but I will give you a blacklist database to download from my server IF you want to use it, or there will be a list of included locations where you can freely get your own Blacklist database.
My update will only modify the user interface, but will add the option to enter domains/urls for whitelisting, for now since that's what I have on this box at the moment.
The only way you can install this update is, you will have to login to your pfsense shell, navigate your way to the dns-blacklist web package directory and wget my update, then extract it. All it will over-write is the user-interface and give you the added features.
Instructions on my blacklist will come later.
-
Pls add the country IP blacklist feature…. If its a matter of time an money, I will arrange that as well!
That is exactly what I am after regarding public Ip safety and the feature to which, most of netadmins would be very glad you continued the blacklist package for Pfsense....! And if you can get Chris to grant you commit access, it would be a neat feature if one could update the thing via the webgui...
-
After talking to mcrane, I have decided to update the DNS Blacklist User Interface only. I will NOT supply any blacklist databases in my update, but I will give you a blacklist database to download from my server IF you want to use it, or there will be a list of included locations where you can freely get your own Blacklist database.
My update will only modify the user interface, but will add the option to enter domains/urls for whitelisting, for now since that's what I have on this box at the moment.
The only way you can install this update is, you will have to login to your pfsense shell, navigate your way to the dns-blacklist web package directory and wget my update, then extract it. All it will over-write is the user-interface and give you the added features.
Instructions on my blacklist will come later.
Thank you very much, I am almost like a kid on christmas when I saw this, again I thank you for providing the update even if its GUI only, this will be useful!!
-
I promise to get something done, I just cant release something right this minute without doing some testing. Also an IP/Country Blacklist might be hard because I don't know all of these IPs that are designated to specific countries, but I will allow adding IPs/ranges/subnets in time, just not on this next update.
I have had a long busy day and am very tired so I want to rest before I goto work tonight, but I hope I can get you guys something this weekend. Be patient.
-
http://www.countryipblocks.net/
Is the site you want for the Country IP blacklist….