Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - HeatmiserNYC

Pages: 1 [2]
pfBlockerNG / Re: DNSBL Interface
« on: April 13, 2017, 08:58:49 pm »
Hey BBCan,
Ran into some strangeness over the last few days. Why would I only be getting this in my logs? It appears that nothing else is resolving....

If your referring to the "unknown" msg, then that is normal for HTTPS alerts, the browser fails to load the DNSBL webserver (as expected) and as such only a portion of the alert can be logged. Hover over the key icon.

Did something change in with the logging? I'm fairly certain I never saw those messages on a regular basis. It was always source/destination of visited websites.....

pfBlockerNG / Re: DNSBL Interface
« on: April 13, 2017, 06:19:40 pm »
Hey BBCan,
Ran into some strangeness over the last few days. Why would I only be getting this in my logs? It appears that nothing else is resolving....

pfBlockerNG / Re: pfBlockerNG v2.0 w/DNSBL
« on: February 26, 2017, 05:39:11 pm »
Is there a way to get Reek's anti-adblocking list to work under Pfblocker? This would be extremely convenient.

My apologies if this has been asked a trillion times before....

DHCP and DNS / Re: DNSCrypt for pfsense 2.3 :)
« on: January 22, 2017, 10:45:36 pm »
"it serves just one singular purpose in the chain of networking"

For those users running in forwarder mode.. It has ZERO purpose when running resolver on pfsense. Which is the out of box configuration.. So while anyone creating packages for pfsense that work and add function is a good thing.  Your audience is going to be very small imho..

Why is this a small audience? Anybody running a Pfsense router with a VPN will likely be forwarding requests to an upstream DNS server. That's a pretty common thing.

DHCP and DNS / Re: Weird Unbound problem
« on: September 10, 2016, 10:47:29 am »
I show those both resolving fine
When your having an issue, do a simple query does it not resolve?  Do you get an error like servfail of nxdomain or just a timeout?

Notice that the ttl is only 600 seconds.  So if they have a problem with their dns, or you have a problem with connectivity to their dns using the resolver then you could have issues sure.  While if you using a proxy or some other connection with dns might have it cached?  Or might have different path to their dns or got an answer from their dns because lots and lots of users always calling for it and keeping the dns cache updated, etc.

You have to actually see what is going on when it fails via a query, then you could directly query their authoritative name servers, do you get a response then, etc.

Yea, they both resolve out of my network just fine, they def work as you have shown.

I get a timeout, nothing in logs or anything of the sort.

I can add a DNS entry manually with IP address and it will work appropriately. If I change my desktop local DNS server to any other DNS server it will resolve fine as well. The problem is with me but I can't seem to narrow it down.

It's a simple config, just using Unbound and no forwarding. By default Unbound should get it's info from root servers, it almost seems like the root servers are missing info about these websites.

I'm at a loss as to why only certain websites are affected....

DHCP and DNS / Weird Unbound problem
« on: September 10, 2016, 09:50:24 am »
Pfsense has been working fine for months but with one nagging problem.

Certain websites will simply not resolve. Full disclosure: I have a VPN running at all times and use Unbound without forwarding.

So far it's only a couple of websites but they are ones that I actually use. I know that they are active and working as I can reach them from proxies, my mobile, online ping tests etc.

Logs show that the sites aren't being blocked in any way so I'm not really sure what to look for.....

Any ideas?

Oh, here are a couple of the sites just for grins....

Update failed from 2.3.1-DEVELOPMENT and this is what it left behind.

I looked through the forum but didn't see this referenced, or maybe I missed it.

Thoughts on this?

pfBlockerNG / Re: pfBlockerNG
« on: January 24, 2015, 11:41:45 pm »
This whole thing with people posting how they have PfblockerNG while telling everybody else to be patient is...offputting.

pfBlockerNG / Re: pfBlockerNG
« on: January 22, 2015, 03:15:49 pm »
I would love for this package to come out....or at least be able to use it....

I don't use Squidguard for blocking GoogleAds.
Instead, use the DNS resolver and ad domain (not host) overide, use ip
On my side all GoogleAds have been totally blocked, even for https.

What domain are you blocking exactly? Googlesyndication?

You should be able to create a Target Category and then populate it with whatever domains you want.  I assume you've had no luck with the Shallalist or other blacklists?
Yea, Shallalist doesn't affect Google ads for some reason. I'll give the Target Category a try as well. Good looking out. If anybody else has any ideas feel free......

Looked all over the Internet for this and still can't find it...ugh.

Does anybody know how to accurately block Google ads via Squidguard? Step by Step please.

I've tried a few ways and can't seem to make this work.

Thanks beforehand.....

Pages: 1 [2]