DNS Blacklist, New Package! Check it out.
-
xa0z has not contacted me within the last month or even longer and asked me to commit a new version of this package.
I spent many days (about a week) helping xa0z get started with PHP code specific to this package. I coached him through nearly every detail and wrote much of it myself to save time. When it came down to the list I discovered that the company or individual that the original list came from had placed restrictions on the distribution of the list. So a free list without restriction was found and used instead. As a developer that makes a living writing code I respect intellectual property, licensing, and to me that includes large DNS blacklists where the creator of the list puts some type of license on it.
xa0z disagrees with me on the restrictions that was placed by the creator of the blacklist. We are at an impasse on this issue.
I like the idea of the DNS black list package it was an idea I planned on writing before I ever talked to xa0z. I haven't done any updates because xa0z has claimed it and still does as far as I know. I came up with the name of the package xa0z wanted to use a different name. I wished I would have put it under the name he had come up with then I would have created a new package called DNS Blacklist and we would have forked the blacklists by now. This is still an option that is perfectly fine with me.
P.S. I'm not the only developer with commit access enough effort and some asking around and you can find someone to commit updates or become a commiter for yourself.
-
In the end, I gave up, I told mcrane the project is his, and to do what he wants. There is no point in me doing something like this, and having less than 50% control of it.
This is news to me. I don't remember you saying the project is mine. It has sat in limbo as I assumed that you were still claiming it.
-
@mcrane:
In the end, I gave up, I told mcrane the project is his, and to do what he wants. There is no point in me doing something like this, and having less than 50% control of it.
This is news to me. I don't remember you saying the project is mine. It has sat in limbo as I assumed that you were still claiming it.
Now that the project is yours, you can hook it up ;) (Hell, I don't care who owns it, as long as its awesomeness increases)
-
heck if I knew code I would be happy to try and learn to help you out, I just love the DNS black list thing and I would love to see this turn to pure awsomeness…even if I need learn how to code and all that...I really think this has great potential and a great added value too...I really hate seeing something that has really great potential just die...heck if needed lets think of a new name for it?...
Hope to see this or some type of black list happen...
-
Exactly! Add the Country IP blacklist feature and very many admins would see it like christmas!!
-
Oh???
That is total b/s mcrane and you know it. When I first started working on the project, I had made the entire GUI myself, and had HALF of the code done myself. I came to you asking for help when I was having problems with the CHECKBOXES for the categories. When we talked, you told me it was a great idea to work with and you wanted to help me. After I submitted what I had to you, you then changed how I had originally started the listing of the categories, and the checkboxes for the JS/Post/Action because you said it would be better, faster, etc. I had already come up with a name which included "dns blacklist" and you suggested to just make it "dns blacklist".
And I had spoke with you on IRC last month about everything I had done and you said you didn't have time for the project with you working on the new PBX version. I then said that you can just keep it and do what you want with it since the issue with the blacklist was still at hand and that I couldn't commit it myself, and didn't know anyone else who could help me. I don't care much anymore for the project, and everyone knows it was all mine in the beginning and that you helped me get it going because I was lost without your help, and I admit it.
Don't make it out to be something it isn't, or wasn't. I also did take much time to gather blacklists from all over the web and compile them together into a single package to use with the DNS Blacklist package. Then, I also made sure to mix up each categories source file so that in no way could they ever be seen as a duplicate/clone/copy of anyone elses, since you originally told me that they source files could not replicate someone elses, but then after I did that, you still said we couldn't use the one I made because that one site might still have the same IP/Host as my compiled lists, which would break the agreement with the other company's list usage. Then again, the list being used now contains over 5000 hosts so far that I've counted that are within that list from the other company, that is charged for. Therefor you are going against your own word.
None the less, I don't care. I can release the package I have on here and everyone who has DNS Blacklist installed can just extract my tarball into their /packages/dnsblacklist directory, and move the blacklist database, but I dunno if I want to do that now, there is no point because you're out to make it all about you because I asked for your help with some of the project.
-
Oh, I forgot one thing, you made the download/installer part of the package since I didn't know how and you said you would rather do it than show me where to learn about it.
-
Oh, I forgot one thing, you made the download/installer part of the package since I didn't know how and you said you would rather do it than show me where to learn about it.
That would've have taken a long time to explain in detail. Time which I didn't have to spend.
-
It would be good to fork this package that way you can do whatever you want on your package and that would end this dispute. You can use your original name or the current name and I will find a different one. Don't blame lack of commit access on me you can get it if you want it enough. You can either do a little work and find someone to help you commit or spend some time and get commit access and learn how to do it for yourself. Talk to Chris about commit access if you want it his username cmb.
I did that, you still said we couldn't use the one I made because that one site might still have the same IP/Host as my compiled lists, which would break the agreement with the other company's list usage. Then again, the list being used now contains over 5000 hosts so far that I've counted that are within that list from the other company, that is charged for. Therefor you are going against your own word.
If an author writes a book the author doesn't own the words used in the book but rather holds copyright to the order they are placed in the book. Blacklists would definitely have domains that are in other lists those domains are not owned by the blacklist. The owner simply holds copyright to domains in the order they placed them in the their blacklist. Taking domains from a paid list and simply putting them in a different order seems un-ethical to me. Gathering free lists and adding your own domains you found to the list would be perfectly fine even if they contained domains from other non free lists.
-
Hmm another option for the blacklist would be to make it possible for the user to upload the blacklist or provide instructions to pull an alternative blacklist using fetch and extract the list to the correct directory.
-
After talking to mcrane, I have decided to update the DNS Blacklist User Interface only. I will NOT supply any blacklist databases in my update, but I will give you a blacklist database to download from my server IF you want to use it, or there will be a list of included locations where you can freely get your own Blacklist database.
My update will only modify the user interface, but will add the option to enter domains/urls for whitelisting, for now since that's what I have on this box at the moment.
The only way you can install this update is, you will have to login to your pfsense shell, navigate your way to the dns-blacklist web package directory and wget my update, then extract it. All it will over-write is the user-interface and give you the added features.
Instructions on my blacklist will come later.
-
Pls add the country IP blacklist feature…. If its a matter of time an money, I will arrange that as well!
That is exactly what I am after regarding public Ip safety and the feature to which, most of netadmins would be very glad you continued the blacklist package for Pfsense....! And if you can get Chris to grant you commit access, it would be a neat feature if one could update the thing via the webgui...
-
After talking to mcrane, I have decided to update the DNS Blacklist User Interface only. I will NOT supply any blacklist databases in my update, but I will give you a blacklist database to download from my server IF you want to use it, or there will be a list of included locations where you can freely get your own Blacklist database.
My update will only modify the user interface, but will add the option to enter domains/urls for whitelisting, for now since that's what I have on this box at the moment.
The only way you can install this update is, you will have to login to your pfsense shell, navigate your way to the dns-blacklist web package directory and wget my update, then extract it. All it will over-write is the user-interface and give you the added features.
Instructions on my blacklist will come later.
Thank you very much, I am almost like a kid on christmas when I saw this, again I thank you for providing the update even if its GUI only, this will be useful!!
-
I promise to get something done, I just cant release something right this minute without doing some testing. Also an IP/Country Blacklist might be hard because I don't know all of these IPs that are designated to specific countries, but I will allow adding IPs/ranges/subnets in time, just not on this next update.
I have had a long busy day and am very tired so I want to rest before I goto work tonight, but I hope I can get you guys something this weekend. Be patient.
-
http://www.countryipblocks.net/
Is the site you want for the Country IP blacklist….
-
Maybe the IP Blacklist is something mcrane can do as another package. My package is dealing with DNS, and you can't do an IP Blacklist with DNS. Doing an IP Blacklist would require modifying your iptables to block route to the IPs or Subnets selected, and that's not exactly something I want to mess with, especially at this time anyway.
-
Here is a little teaser for you guys… I still need to work on how we read/edit the blacklist. I was doing it with PHP but it uses too much RAM, so now we're doing it in sh which runs a lot quicker. Just need a little more time, so please be patient.
-
Here is a little teaser for you guys… I still need to work on how we read/edit the blacklist. I was doing it with PHP but it uses too much RAM, so now we're doing it in sh which runs a lot quicker. Just need a little more time, so please be patient.
I don't mind waiting, take your time, I would rather wait and have you get it correctly working then to be rushed and have it break something, thanks for working on it further!
-
Hi,
First of all thanks for the package.
I am moving my PFsense 1.2.3 to newer hardware and would like to use DNS Blacklist with new install. I have tried and like how it works and the idea.
I am having a problem that I have no been able to solve, probably missing something or don't know full usage of the package. At my company we are using Google Apps for email and other services, the email accounts are setup for POP and SMTP use and have email clients configured.
If DNS Blaclist is enable with only adult filter the smtp and pop.gmail.com becomes inaccessible, if I disable the adult filter or DNS Blacklist, everything works well again. For your knowledge google emails uses SSL ports for email configuration, ports 465 and 995.
I have looked in the /adults/domain, /url and /expressions files and have no found anything for gmail.
For the moment I have to stop the use until whitelist will be available or find a solution for my problem.
¿Any suggestions or Idea?
Many Thanks :-\
-
more then likely whats going on is that site or what ever your trying to access (even though safe) happens to share a DNS server that is with in the black list…least thats my conclusion that makes the most sense to me...