PfBlockerNG v2.0 w/DNSBL
-
Did you enabled pfBlockerNG ? Is dnsbl service up and running ? YES; General > Enable pfBlockerNG > Check
Did you run a Force Upload ? a Force Reload? Firewall > pfBlockerNG > Update: Update, Cron, Reload – no Force option available. Ran CRON
Did you look at the pfBlockerNG.log? Yes, I don't see any errors.I'm stumped; Never had a problem with pfb
-
Well I am still on 2.2.6 and I see in pfBlockerNG: Update
Force Update will download any new Alias/Lists.
Force Cron will download any Alias/Lists that are within the Frequency Setting (due for Update).
Force Reload will reload all Lists using the existing Downloaded files. This is useful when Lists are out of 'sync' or Reputation changes were made.But if there are no IP in you DSNBL table, then there will be no need for floating rules.Configure settings for Firewall Rules when any DNSBL Feed contain IP Addresses
Actually as soon as you enable "DNSBL IP" it will add "1.1.1.1" to make sure its not empty… So the Floating rule should show if that option was enabled..
Do you have any IPV4 alias defined ?
-
Well I am still on 2.2.6 and I see in pfBlockerNG: Update
Force Update will download any new Alias/Lists.
Force Cron will download any Alias/Lists that are within the Frequency Setting (due for Update).
Force Reload will reload all Lists using the existing Downloaded files. This is useful when Lists are out of 'sync' or Reputation changes were made.But if there are no IP in you DSNBL table, then there will be no need for floating rules.Configure settings for Firewall Rules when any DNSBL Feed contain IP Addresses
Actually as soon as you enable "DNSBL IP" it will add "1.1.1.1" to make sure its not empty… So the Floating rule should show if that option was enabled..
Do you have any IPV4 alias defined ?
I have no IP aliases defined
I can ping 10.10.10.1 but there is no rule displayed in the gui.
-
Is there a way to add this to pfBlockerNG or Aliases, this list of domains
Hi Chain, that list can be parsed without issues… If that was from a URL, just add the URL to a DNSBL alias ... You could also paste that into a custom list and the package will parse it...
-
I can ping 10.10.10.1 but there is no rule displayed in the gui.
All DNSBL alerts are visible in the pfBlockerNG Alerts tab (DNSBL section)… You should be able to ping the DNSBL VIP and browse to it also (1x1 pix)... Not sure exactly what the issue you are having?
-
The issue is that I have selected the option that creates a floating rule to the VIP DNSBL IP but there is no floating rule visible in the GUI. In the past this rule was always created.
This is on a vanilla pfsense install.
According to the service status widget, the DNSBL service is running.
-
Did you select the Interface(s) for the Permit Rule?
-
Did you select the Interface(s) for the Permit Rule?
Can you expound on this? Where exactly is this option?
-
Did you select the Interface(s) for the Permit Rule?
Can you expound on this? Where exactly is this option?
DNSBL Tab: DNSBL Firewall Rule: Interface menu options
-
Is there a way to add this to pfBlockerNG or Aliases, this list of domains
Hi Chain, that list can be parsed without issues… If that was from a URL, just add the URL to a DNSBL alias ... You could also paste that into a custom list and the package will parse it...
i did that, but I notices that it don't show up in the list of site to block, that the link below for the site
http://pastebin.com/050GLwG8
Its a good site for block windows 7-10 spying on people
-
Is there a way to add this to pfBlockerNG or Aliases, this list of domains
Hi Chain, that list can be parsed without issues… If that was from a URL, just add the URL to a DNSBL alias ... You could also paste that into a custom list and the package will parse it...
i did that, but I notices that it don't show up in the list of site to block, that the link below for the site
http://pastebin.com/050GLwG8
Its a good site for block windows 7-10 spying on people
Click the "Raw" button, and you should be able to pull that list with DNSBL, as it removes the HTML formatting…
http://pastebin.com/raw/050GLwG8
-
I've attached some pictures to hopefully shed some light on the issue. As I've said, I have configured pfblockerng and DNSBL succesfully many times in the past without issue.
Can you run this command and send me the output:
grep -B10 -A12 "pfB_DNSBL_Allow_access_to_VIP" /conf/config.xml
-
I've attached some pictures to hopefully shed some light on the issue. As I've said, I have configured pfblockerng and DNSBL succesfully many times in the past without issue.
Can you run this command and send me the output:
grep -B10 -A12 "pfB_DNSBL_Allow_access_to_VIP" /conf/config.xml
PM sent
-
Sent you a reply.
-
Hello BBcan177 thanks for a great package, update for 2.2.6 will or only for 2.3.x?
-
Hello BBcan177 thanks for a great package, update for 2.2.6 will or only for 2.3.x?
You can upgrade from 2.2.x to 2.3.x and pfBlockerNG will upgrade without issue…
-
Thank you for this BBcan177.
I am using it for over a year now everything working really fine.
I want to filter the adult website using this package is this even possible or have to install a proxy ? -
Thank you for this BBcan177.
I am using it for over a year now everything working really fine.
I want to filter the adult website using this package is this even possible or have to install a proxy ?Just have to add the domains that you want to block into a DNSBL Alias…
-
pfBlockerNG v2.0.15 - Pull Request #140 was merged:
See the following for details:
https://github.com/pfsense/FreeBSD-ports/pull/140UPDATE:
Please wait for pfBlockerNG v2.0.16 due to the following unescaped variable issue:
https://github.com/pfsense/FreeBSD-ports/pull/143/files -
pfBlockerNG v2.0.15 - Pull Request #140 was merged:
See the following for details:
https://github.com/pfsense/FreeBSD-ports/pull/140UPDATE:
Please wait for pfBlockerNG v2.0.16 due to the following unescaped variable issue:
https://github.com/pfsense/FreeBSD-ports/pull/143/filesGreat job. Just resolved the issue with dnsbl service not starting.