dnsbl is not working properly
-
I have configured it according to the guide in this link https://www.zenarmor.com/docs/network-security-tutorials/pfblockerng. However, the dnsbl of pfblocker does not seem to work properly. I added the list to the custom list, but the blocking page does not appear. I have added the pictures below, so if you have any questions, please ask.
-
I edited one of my DNSBL groups :
and I've added, like you :
I reload everything :
On my test PC (192.168.1.6), I flushed my PC's DNS cache - just to be sure.
Now, the test :
for the domain dnsbltest.com : same result.
My browser was unable to resolve both never.com and dnsbltest.com.
It's normal that a "browser error" is shown, and not the :
because "10.10.10.1" would only work for non TLS (non https) web access.
10.10.10.1 could not intercept https requests.
Looking at the pfBlockerng Alerts page shows that both DNS requests were blocked :
@hajun29011 said in dnsbl is not working properly:
https://www.zenarmor.com/docs/network-security-tutorials/pfblockerng
zenarmor ? Who is that ?
Why not use the official docs and/or videos ??
This is a bit vague :
-
@Gertjan Thanks for the answer. But I have a problem. Even though I don't see the page that appears on 10.10.10.1, my system doesn't block sites by default. I definitely added naver.com to the custom list, but when I access it, it connects normally. There is no blocking log either.
-
After you make changes, are you updating PF blocker? When you make a change, you need to go to the bottom of the page and press save. Then go to the updates and hit run. You also may need to reset the state table and clear the cache in your browser. Just a reminder, as @Gertjan has pointed out: you will only get the DNSBL web server page with http, not https. For this reason, I set the global logging mode to Null Block (logging).
-
@hajun29011 said in dnsbl is not working properly:
I definitely added naver.com to the custom list, but when I access it, it connects normally. There is no blocking log either.
When I do not (!) add never.com here :
and I visit never.com in a browser, it will get listed here, on the Unified tab :
here it is :
When I add "never.com" to the (a) "DNSBL Custom_List" it will be blocked and shown on the Alerts tab :
If nothing shows up anywhere, then you have to double check if your device is using pfSense, the resolver, as the DNS server.
If the device you are testing is using some other DNS server, like 8.8.8.8, then the resolver and pfBlockerng will never see the DNS request, and pfBlockerng couldn't block the request.
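One way to run the check described in the last reply, as an added example that is not part of the original thread: send the A query straight to a chosen resolver, bypassing the client's own DNS settings, and classify the answer. Assumptions: the pfSense LAN address is passed on the command line (the thread does not state it), 0.0.0.0 is taken as the Null Block answer, and all function names are this example's own.

```python
import socket, struct, sys

# 10.10.10.1 is the DNSBL VIP named in the thread; 0.0.0.0 is assumed for Null Block mode.
SINKHOLES = {"10.10.10.1", "0.0.0.0"}

def build_query(name, qid=0x1234):
    """Encode a recursive A/IN query for `name` (fixed ID, one-off diagnostic only)."""
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.strip(".").split("."))
    return struct.pack(">6H", qid, 0x0100, 1, 0, 0, 0) + labels + b"\x00" + struct.pack(">2H", 1, 1)

def skip_name(msg, pos):
    """Return the offset just past a name, honouring compression pointers."""
    while msg[pos] and msg[pos] & 0xC0 != 0xC0:
        pos += 1 + msg[pos]
    return pos + (2 if msg[pos] else 1)

def verdict(msg):
    """Classify a DNS response: 'blocked', 'not blocked', 'nxdomain' or 'no answer'."""
    _, flags, qd, an, _, _ = struct.unpack(">6H", msg[:12])
    pos = 12
    for _ in range(qd):
        pos = skip_name(msg, pos) + 4          # skip QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        pos = skip_name(msg, pos)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[pos:pos + 10])
        if rtype == 1 and rdlen == 4:          # A record
            addrs.append(socket.inet_ntoa(msg[pos + 10:pos + 14]))
        pos += 10 + rdlen
    if not addrs:
        return "nxdomain" if flags & 0xF == 3 else "no answer"
    return "blocked" if all(a in SINKHOLES for a in addrs) else "not blocked"

def ask(resolver, name, timeout=3.0):
    """Send the query directly to `resolver` on UDP/53 and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (resolver, 53))
        return verdict(s.recvfrom(4096)[0])

def sample_response(name, ip):
    """Constructed reply: the query echoed back with one A record (TTL 60)."""
    q = build_query(name)
    rr = b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 60, 4) + socket.inet_aton(ip)
    return q[:2] + struct.pack(">5H", 0x8180, 1, 1, 0, 0) + q[12:] + rr

if __name__ == "__main__":
    # With args "RESOLVER NAME" query live; otherwise classify a constructed reply.
    print(ask(*sys.argv[1:3]) if len(sys.argv) == 3 else verdict(sample_response("naver.com", "10.10.10.1")))
```

If the pfSense address answers "blocked" for a listed domain while the browser on the same PC still loads the site, the PC is resolving through some other DNS server.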