Unwanted blocking of sites

  • Hello,

    So pfsense is blocking a few sites.
    I didn't setup any website blocking that i know of.

    I have snort, dns, and captive portal enabled.

    for example when i try to go to in any browser:

    but when i go to:

    It works just fine.

    And then when i switch over to a network without pfsense routing, like just a standard cisco router, Everything works perfectly fine.

    If it helps at all, when on the pfsense box i am able to ping and

  • define "blocking" - what happens?

    The most common cause from what you have listed there would be excessive Snort rules enabled with blocking set, where you're blocking a bunch of false positives with Snort.

  • Oh, i will have to look in to the snort rules then.

    When i say blocking, i mean, the browser will not even begin to pull the site up. It also does not even respond with a 404, making it unable to get to the site, or even begin loading it.

  • Actually.

    Im not sure that is the problem, Because I turned off snort, and it the issues are same.

    Refreshing networking, across all computer (regardless of OS) has the same results.

    What are other possibilities?

    Thanks in advance!

  • pfBlocker?
    Squid + Havp?

    Disable each service until it works? Don't just switch off, because the service will likely restart anyway. Don't forget to reset states, just incase and reload firewall rules.

  • I actually don't have many of those installed.

    And for the ones i did, i disabled them and reloaded the rules, still same result..

    Not really seeing anything in the logs either.

  • bump

  • How are your DNS servers setup in pfSense?

    If you go to diagnostics and do a DNS lookup from there does it resolve?

    Can you put in your browser and see that page?

  • Better define what the problem is. What do you get when you try to get to those sites? What do you get if you try to ping those sites? traceroute? What is it that's failing, DNS, IP connectivity, both, …?

    Not being able to hit such a large portion of the Internet, if you've ruled out packages, suggests you're doing something like maybe using a /1 mask or something equivalently wrong on an interface which is breaking your routing.

  • Hello, so I finally got some time to work on this again.

    So i've eliminated snort being the problem, by completely uninstalling the package and clearing everything.

    I've also disabled DNS forwarder.

    I was using DNS forwarder with my first 2 DNS' coming from my ISP
    then 3rd & 4th using and

    I have disabled every single package installed, and running on a bare installation with exception of captive portal.

    Also i am able to get to as now i am able to get to google.com

    when i say unable to access, i mean from a browser it will just time out. Will not get to a 404.

    Still not able to get to:

    pinging the above addresses using ping will return is "request timeout for icmp_sql x" - of course some IPs will not respond to ping, but slickdeals.net will.

    same for pfsense router Diagnostics: traceroute

    pinging slickdeals.net from another router will return:
    PING ( 56 data bytes
    64 bytes from icmp_seq=0 ttl=45 time=54.132 ms
    64 bytes from icmp_seq=1 ttl=45 time=56.532 ms

    pfsense router:
    1 * * *
    2 * * *
    3 * * *
    .. etc

    cisco router will return the whole path:
    1  x.y.z.a (x.y.z.a)  5.014 ms  1.010 ms  0.900 ms
    2  x.y.z.a (x.y.z.a)  3.696 ms  3.808 ms  6.722 ms
    xyz2-syz5.atl.oneringnetworks.net (x.y.z.a)  7.000 ms  15.927 ms  6.236 ms
    rav3-syz.atl.oneringnetworks.net (x.y.z.a)  5.670 ms  6.897 ms  6.809 ms
    … etc

    Under System: -> routes
    I have no static routes installed.

    looking at Diagnostic: Routing tables:

    there is a Destination = default
    which is pointed to the gateway

  • In case anyone was wondering, I fixed it by just re-install pfsense from scratch.

Log in to reply