<![CDATA[DNS Resolver fails after enabling pfBlockerNG (DNSBL)]]>Does anyone have any idea why the DNS Resolver doesn't work after enabling DNSBL? I tried doing some diagnostics (Diagnostic -> DNS Lookup), but unfortunately, 127.0.0.1 returns "No response".

]]>https://forum.netgate.com/topic/195352/dns-resolver-fails-after-enabling-pfblockerng-dnsblRSS for NodeSun, 19 Apr 2026 09:17:30 GMTWed, 27 Nov 2024 06:48:17 GMT60<![CDATA[Reply to DNS Resolver fails after enabling pfBlockerNG (DNSBL) on Thu, 28 Nov 2024 16:16:47 GMT]]>@beluclark said in DNS Resolver fails after enabling pfBlockerNG (DNSBL):

Unfortunately

Is it ? The image you've shown is like mine : the unbound answer is correct, The host couldn't be resolved.

Way better as the GUI : the command line (not the GUI command line of course).
SSH will do just fine, menu option 8.

Ask unbound to resolve "google.com", using 127.0.0.1, as unbound listens on 127.0.0.1 :

dig @127.0.0.1 google.com

or even

dig @127.0.0.1 google.com +trace
]]>https://forum.netgate.com/post/1197509https://forum.netgate.com/post/1197509Thu, 28 Nov 2024 16:16:47 GMT<![CDATA[Reply to DNS Resolver fails after enabling pfBlockerNG (DNSBL) on Wed, 27 Nov 2024 08:04:47 GMT]]>@Gertjan Unfortunately,

f3c0fd4a-8f12-4c62-897d-d95fcb47ee61-image.png

]]>https://forum.netgate.com/post/1197201https://forum.netgate.com/post/1197201Wed, 27 Nov 2024 08:04:47 GMT<![CDATA[Reply to DNS Resolver fails after enabling pfBlockerNG (DNSBL) on Wed, 27 Nov 2024 08:02:02 GMT]]>@beluclark said in DNS Resolver fails after enabling pfBlockerNG (DNSBL):

Unbound was still running and listening to 127.0.0.1:53 (*:53).

The, even when you ask it utterly BS? it should reply :

7e9d18ca-374b-4307-aec2-9826ea193e8e-image.png

with no answer as there isn't an answer.
This is better :

adfdb7d5-c47c-4326-8c9f-732400986c3c-image.png

]]>https://forum.netgate.com/post/1197200https://forum.netgate.com/post/1197200Wed, 27 Nov 2024 08:02:02 GMT<![CDATA[Reply to DNS Resolver fails after enabling pfBlockerNG (DNSBL) on Wed, 27 Nov 2024 07:54:00 GMT]]>@Gertjan said in DNS Resolver fails after enabling pfBlockerNG (DNSBL):

I saw this :

ea0bf9de-36a9-4ef1-8d32-5024b67c8fdb-image.png

Yes, I have the same logs..

Unbound was still running and listening to 127.0.0.1:53 (*:53).

]]>https://forum.netgate.com/post/1197196https://forum.netgate.com/post/1197196Wed, 27 Nov 2024 07:54:00 GMT<![CDATA[Reply to DNS Resolver fails after enabling pfBlockerNG (DNSBL) on Wed, 27 Nov 2024 07:38:17 GMT]]>@beluclark

Look at the pfblockerng.log file : go to the bottom, and from theer on, go up and find the latest unbound restart : you should find :

4e207bc1-083e-4c36-9989-7771046d0626-image.png

I saw this :

ea0bf9de-36a9-4ef1-8d32-5024b67c8fdb-image.png

Next step : very first test / check : is unbound still running ?

(SSH or console command line !!)

[24.03-RELEASE][root@pfSense.bhf.tld]/root: ps aux | grep 'unbound.conf'
unbound 47572   0.0  3.3 155348 132220  -  Ss   15:36      6:02.13 /usr/local/sbin/unbound -c /var/unbound/unbound.conf

Is unbound listing on '127.0.0.1' ?

[24.03-RELEASE][root@pfSense.bhf.tld]/root: sockstat | grep 'unbound'
unbound  unbound    47572 3   udp6   *:53                  *:*
unbound  unbound    47572 4   tcp6   *:53                  *:*
unbound  unbound    47572 5   udp4   *:53                  *:*
unbound  unbound    47572 6   tcp4   *:53                  *:*
unbound  unbound    47572 8   tcp4   127.0.0.1:953         *:*

This shows me that u bound is listening on all ( ! ) existing interfaces, using port 53 ( of course ) using TCP and UDP, IPv4 and IPv6.

]]>https://forum.netgate.com/post/1197194https://forum.netgate.com/post/1197194Wed, 27 Nov 2024 07:38:17 GMT