Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfBlocker and Paramount +

    Scheduled Pinned Locked Moved pfBlockerNG
    5 Posts 4 Posters 92 Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      cburbs
      last edited by

      Besides excluding a roku/Shield from PfBlocker has anyone been able to define all the whitelist items for playback to work properly?

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG Offline
        Gertjan @cburbs
        last edited by

        @cburbs

        With excluding you mean adding the IP of the device here :

        bbbc514d-916c-4912-9bcf-f8cf06970fb1-image.png

        ?
        Be ware that adding a policy like that has side effects.
        Like : when the device asks for host name to be resolved, like an add server, this host name will now be avaible ... for all your LAN devices, as it's now part of the resolver's cache.

        If a white list would exist, I would use it into a black list ^^
        The thing is : Paramount employees read this forum as well, so the list wouldn't age very well / becomes useless in a short time.

        If you use DNSBL to blocks "to much", use the device, and track all the block requests from the device, and use the black round + button to white list them.

        0b5c0c5e-1172-4096-962d-452d722e0022-image.png

        Ones a host name is white listed, it will be whitelist for all your LAN network devices.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        C 1 Reply Last reply Reply Quote 0
        • C Offline
          cburbs @Gertjan
          last edited by

          @Gertjan

          Correct on excluding the IP as that is the only place I know where to do it is in the Python Group Policy.

          Can you expand on - Like : when the device asks for host name to be resolved, like an add server, this host name will now be avaible ... for all your LAN devices, as it's now part of the resolver's cache.

          Ones a host name is white listed, it will be whitelist for all your LAN network devices. Correct and this is why I wish a knew of a way to just do exclusions for a single device.

          S 1 Reply Last reply Reply Quote 0
          • D Offline
            DirtyRat
            last edited by

            Not sure what you're struggling with, but I was having Disney+ issues at my home. Could not visit the website, no devices would connect. If I used cell data, I could login to their website, but from the home I'd get a "Try again later" message.

            I called Disney tech support, explained what was happening. He asked for my WAN IP and zip code, once I provided that, all my problems disappeared. They had some sort of locational block on my account for some reason.

            1 Reply Last reply Reply Quote 0
            • S Offline
              SteveITS Galactic Empire @cburbs
              last edited by

              @cburbs said in PfBlocker and Paramount +:

              exclusions for a single device

              Unbound has "views" but I've generally used it to block access for one device, to override DNS. In that case in Custom Options in unbound/DNS Resolver settings, one would put:

              server:
access-control-view: 10.1.1.4/32 blockyoutube

view:
name: "blockyoutube"
view-first: yes
local-data: "youtube.com. 900 IN A 127.0.0.2"
local-data: "www.youtube.com. 900 IN A 127.0.0.2"

              Perhaps you can find a way to forward or resolve correctly for the specified IP.

              Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
              When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
              Upvote 👍 helpful posts!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.