pfSense Gold Subscription

Author Topic: DNSBL enable/disable is independent of General disable/enable  (Read 172 times)

0 Members and 1 Guest are viewing this topic.

Offline Qinn

  • Full Member
  • ***
  • Posts: 137
  • Karma: +5/-1
    • View Profile
DNSBL enable/disable is independent of General disable/enable
« on: December 26, 2017, 08:39:32 am »
I did not know how to describe the subject in such a way that anyone can find it easy when running into the misconception I made, so any moderator feel free to change the subject in anyway...

If you don't want to read all below, simple and plain; disabling pfBlockerNG in the General tab doesn't stop the DNSBL service (if you have enabled it).   
I assumed that disabling pfBlockerNG in the General Tab would bring down all  that came with the package, but DNSBL is a service and keeps on running...



How to...
Today I wanted to access "github.com", but ran into the following error in FF "Secure Connection Failed" and there was no option to bypass it.  So I changed to another browser, in this case "Iceweasel" on a complete other OS (Kali), kinda same error "This connection is Untrusted" here with also no option to bypass it. Next I looked into about:config and couldn't adjust the settings to bypass it.
 
Then I thought of pfBockerNG as a probale cause, so I disabled it in the General Tab, but still I could not access github.com, then I almost made the mistake of ruling out pfBlockerNG (just doing it's great work, just me too stupid of overseeing the fact that the DNSBL service was still running) as the cause.

Next step, I took my mobile device and stopt WiFi access to the Access Point, so it switched to mobile data and suddenly access to github was back again. Now I knew it had to be pfBlockerNG, a quick look into the Alerts Tab in pfBlockerNG showed me the block and the list it came from (see attachment).

Assumption is the mother of all f*ckups....
« Last Edit: December 26, 2017, 09:15:06 am by Qinn »

Offline BBcan177

  • Moderator
  • Hero Member
  • *****
  • Posts: 2601
  • Karma: +810/-5
    • View Profile
    • Click for Support
Re: DNSBL enable/disable is independent of General disable/enable
« Reply #1 on: December 26, 2017, 07:29:46 pm »
This has been addressed in the upcoming release. 

Also Malc0de shouldn't have added Github. They don't seem to have a contact. So hard to remove those False positives upstream. You can either suppress or whitelist it. 
"Experience is something you don't get until just after you need it."

 | http://pfblockerng.com | Twitter @BBcan177  | #pfBlockerNG |

Offline Qinn

  • Full Member
  • ***
  • Posts: 137
  • Karma: +5/-1
    • View Profile
Re: DNSBL enable/disable is independent of General disable/enable
« Reply #2 on: December 29, 2017, 03:37:12 am »
This has been addressed in the upcoming release. 

Also Malc0de shouldn't have added Github. They don't seem to have a contact. So hard to remove those False positives upstream. You can either suppress or whitelist it.

Thanks for letting me know.

Season greetings and cheers Qinn

btw looking forward to v2.2x ;)