DNS Blacklist, New Package! Check it out.
-
Oh, I forgot one thing, you made the download/installer part of the package since I didn't know how and you said you would rather do it than show me where to learn about it.
-
Oh, I forgot one thing, you made the download/installer part of the package since I didn't know how and you said you would rather do it than show me where to learn about it.
That would've have taken a long time to explain in detail. Time which I didn't have to spend.
-
It would be good to fork this package that way you can do whatever you want on your package and that would end this dispute. You can use your original name or the current name and I will find a different one. Don't blame lack of commit access on me you can get it if you want it enough. You can either do a little work and find someone to help you commit or spend some time and get commit access and learn how to do it for yourself. Talk to Chris about commit access if you want it his username cmb.
I did that, you still said we couldn't use the one I made because that one site might still have the same IP/Host as my compiled lists, which would break the agreement with the other company's list usage. Then again, the list being used now contains over 5000 hosts so far that I've counted that are within that list from the other company, that is charged for. Therefor you are going against your own word.
If an author writes a book the author doesn't own the words used in the book but rather holds copyright to the order they are placed in the book. Blacklists would definitely have domains that are in other lists those domains are not owned by the blacklist. The owner simply holds copyright to domains in the order they placed them in the their blacklist. Taking domains from a paid list and simply putting them in a different order seems un-ethical to me. Gathering free lists and adding your own domains you found to the list would be perfectly fine even if they contained domains from other non free lists.
-
Hmm another option for the blacklist would be to make it possible for the user to upload the blacklist or provide instructions to pull an alternative blacklist using fetch and extract the list to the correct directory.
-
After talking to mcrane, I have decided to update the DNS Blacklist User Interface only. I will NOT supply any blacklist databases in my update, but I will give you a blacklist database to download from my server IF you want to use it, or there will be a list of included locations where you can freely get your own Blacklist database.
My update will only modify the user interface, but will add the option to enter domains/urls for whitelisting, for now since that's what I have on this box at the moment.
The only way you can install this update is, you will have to login to your pfsense shell, navigate your way to the dns-blacklist web package directory and wget my update, then extract it. All it will over-write is the user-interface and give you the added features.
Instructions on my blacklist will come later.
-
Pls add the country IP blacklist feature…. If its a matter of time an money, I will arrange that as well!
That is exactly what I am after regarding public Ip safety and the feature to which, most of netadmins would be very glad you continued the blacklist package for Pfsense....! And if you can get Chris to grant you commit access, it would be a neat feature if one could update the thing via the webgui...
-
After talking to mcrane, I have decided to update the DNS Blacklist User Interface only. I will NOT supply any blacklist databases in my update, but I will give you a blacklist database to download from my server IF you want to use it, or there will be a list of included locations where you can freely get your own Blacklist database.
My update will only modify the user interface, but will add the option to enter domains/urls for whitelisting, for now since that's what I have on this box at the moment.
The only way you can install this update is, you will have to login to your pfsense shell, navigate your way to the dns-blacklist web package directory and wget my update, then extract it. All it will over-write is the user-interface and give you the added features.
Instructions on my blacklist will come later.
Thank you very much, I am almost like a kid on christmas when I saw this, again I thank you for providing the update even if its GUI only, this will be useful!!
-
I promise to get something done, I just cant release something right this minute without doing some testing. Also an IP/Country Blacklist might be hard because I don't know all of these IPs that are designated to specific countries, but I will allow adding IPs/ranges/subnets in time, just not on this next update.
I have had a long busy day and am very tired so I want to rest before I goto work tonight, but I hope I can get you guys something this weekend. Be patient.
-
http://www.countryipblocks.net/
Is the site you want for the Country IP blacklist….
-
Maybe the IP Blacklist is something mcrane can do as another package. My package is dealing with DNS, and you can't do an IP Blacklist with DNS. Doing an IP Blacklist would require modifying your iptables to block route to the IPs or Subnets selected, and that's not exactly something I want to mess with, especially at this time anyway.
-
Here is a little teaser for you guys… I still need to work on how we read/edit the blacklist. I was doing it with PHP but it uses too much RAM, so now we're doing it in sh which runs a lot quicker. Just need a little more time, so please be patient.
-
Here is a little teaser for you guys… I still need to work on how we read/edit the blacklist. I was doing it with PHP but it uses too much RAM, so now we're doing it in sh which runs a lot quicker. Just need a little more time, so please be patient.
I don't mind waiting, take your time, I would rather wait and have you get it correctly working then to be rushed and have it break something, thanks for working on it further!
-
Hi,
First of all thanks for the package.
I am moving my PFsense 1.2.3 to newer hardware and would like to use DNS Blacklist with new install. I have tried and like how it works and the idea.
I am having a problem that I have no been able to solve, probably missing something or don't know full usage of the package. At my company we are using Google Apps for email and other services, the email accounts are setup for POP and SMTP use and have email clients configured.
If DNS Blaclist is enable with only adult filter the smtp and pop.gmail.com becomes inaccessible, if I disable the adult filter or DNS Blacklist, everything works well again. For your knowledge google emails uses SSL ports for email configuration, ports 465 and 995.
I have looked in the /adults/domain, /url and /expressions files and have no found anything for gmail.
For the moment I have to stop the use until whitelist will be available or find a solution for my problem.
¿Any suggestions or Idea?
Many Thanks :-\
-
more then likely whats going on is that site or what ever your trying to access (even though safe) happens to share a DNS server that is with in the black list…least thats my conclusion that makes the most sense to me...
-
more then likely whats going on is that site or what ever your trying to access (even though safe) happens to share a DNS server that is with in the black list…least thats my conclusion that makes the most sense to me...
My apologies, I'll explain what has happed on a seccond review.
- I use WinSCP to access my box, I used the text editor included in winSCP and the search function did not work so could no find what I was looking for.
- When changes are made to DNS Blacklist, have to disable and enable the package again, then it reload settings
- Have to do a DNS Flush on my PC, Windows, so I clean DNS destinations.
As I said need further information to use properly, would suggest a manual for the application and if you wish I could set a Google Apps document for you where collaborative work for editing and share could be applied. Also could make some translations on it.
Thanks
-
now when you change the settings (and reload the package to make said changes take effect) then flush the DNS on the PC's does it work correctly, or does it block needed sites? or does it block them before the DNS flush?
-
Okay guys. What other "addons" do we need? We already have the category section, the manual addition of both whitelisting and blacklisting.
We can't do blocking by IP only so that's out. I can't really think of too much more.
-
Okay guys. What other "addons" do we need? We already have the category section, the manual addition of both whitelisting and blacklisting.
Been a while since I have checked this project out, however at the time it redirected a blocked page to google. The ability to set up a custom redirect would be awesome.
With Regards….
-
hmmm…I was thinking about that my self too and I think that would be something really good to have also (not all of us prefer to use/redirect to google...lol!)
-
You can change the IP to redirect to. But since we're using DNSMasq, we can only tell it an IP to resolve to. We can't use hostnames without also telling the server that such and such IP should reverse to such and such domain. Using the google IP was easiest, but you can just put it as 0.0.0.0 if you want.