pfSense Gold Subscription

Author Topic: DNS Blacklist, New Package! Check it out.  (Read 54484 times)

0 Members and 1 Guest are viewing this topic.

Offline robfantini

  • Jr. Member
  • **
  • Posts: 47
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #60 on: January 14, 2010, 11:25:03 am »
Hi,
I am new to PfSense, I tried using DNS Blacklist and tried to block, Adult Porn and Online Gaming but I beleive it blocks all sites, if I try accessing any site it redirects to Google. For eg I tried indiatimes.com; yahoo.co; rediff.com and our Company website but it all gets redirected to Google, not sure if I am going wrong somewhere or do I need to work on the scripts.

 I have the same issue. 

Offline wpcprez

  • Newbie
  • *
  • Posts: 1
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #61 on: January 14, 2010, 06:07:55 pm »
Hi,
I am new to PfSense, I tried using DNS Blacklist and tried to block, Adult Porn and Online Gaming but I beleive it blocks all sites, if I try accessing any site it redirects to Google. For eg I tried indiatimes.com; yahoo.co; rediff.com and our Company website but it all gets redirected to Google, not sure if I am going wrong somewhere or do I need to work on the scripts.

 I have the same issue. 


I also have the same issue and even if I uninstall the dns blacklist the DNS redirector is jacked up now and no dns redirection works.

Offline Roodawakening

  • Jr. Member
  • **
  • Posts: 95
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #62 on: January 14, 2010, 06:39:45 pm »
Am I missing something or is this like running Squid and Squidguard? And if so, why at the beginning of the thread did the developers make reference to DNS Blacklist (eventually) running in conjunction with a proxy server? Seems like DNS Blacklist is a great idea for those who don't employ proxy servers and redundant to those who do (along with Squidguard).

Please...show me the error in my thinking.
"The descent to hell is easy. The gates stand open day and night. But to reclimb the slope and escape to the upper air: This is labor."
--Virgil, Aeneid, Book 6

Rob

Offline running

  • Jr. Member
  • **
  • Posts: 63
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #63 on: January 14, 2010, 07:44:16 pm »
I agre, what is the difference with Squid-Squid guard
I have good squit guard setup should i consider this instead
What are the advantaged or disadvantages

Thank you!

Offline mcrane

  • Sr. Member
  • ****
  • Posts: 495
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #64 on: January 15, 2010, 12:27:01 am »
The DNS Blacklist is what its name implies. Its a DNS Domain name black list. Domains that are on the list are detoured to an alternate address in this way it blocks the website. Simple concept effective and doesn't require a proxy. To be completely effective you need to block other DNS Servers.

Offline XIII

  • Sr. Member
  • ****
  • Posts: 582
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #65 on: January 19, 2010, 08:59:32 pm »
did any one ask? Ive heard of pay services providing free services to projects like this.
-Chris Stutzman
Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
Check out the pfSense Wiki

Offline BitSuck

  • Newbie
  • *
  • Posts: 1
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #66 on: February 16, 2010, 05:29:14 am »
Hi,

is there a possibility that the DNS Blacklist is valid only for some clients in the network?
What i mean is: Can i set permissions within the DNS Blacklist for some clients.

And thank you for your work on this package!

Offline brutalhappy

  • Newbie
  • *
  • Posts: 1
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #67 on: February 21, 2010, 07:11:48 pm »
Wow... i've tried this.. unbelivble...it's simple. Thanksss Guys....it's really2 work .. \m/

Offline tebruno99

  • Newbie
  • *
  • Posts: 2
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #68 on: March 10, 2010, 01:17:01 pm »
This is a great package, using it very well great work!

  I do have 1 issue.  When i turn on Adult option, it starts blocking sites that aren't even in the blacklist (specifically all of my personal domains).  limesg.com, and naveoss.com.  I did a grep in the blacklist directory and on the original sites blacklist files and my domains are not in any list.  Any advice?

Offline Supermule

  • Hero Member
  • *****
  • Posts: 1490
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #69 on: March 14, 2010, 02:27:17 pm »
Any news of this???
Kind regards Brian


Offline Knyte

  • Jr. Member
  • **
  • Posts: 64
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #70 on: March 15, 2010, 02:17:35 pm »
Just to chime in a bit:

1) Great package.  Anything to help with granular site-blocking is a win to me.
2) Wondering if perhaps the option to add this list http://www.mvps.org/winhelp2002/hosts.txt might be possible ?  ...GREAT list to use if you're serious about ad-blocking.
3) for anyone having trouble with the blacklist opening a page that you think should be blocked, you might have to clear your DNS cache - from the Windows command line:  ipconfig /flushdns
« Last Edit: March 15, 2010, 02:25:33 pm by DigitalJer »
1.2.3-RELEASE (FreeBSD 7.2-RELEASE-p5 i386)
AMD Athlon(tm) 64 Processor 3000+ (1.81 GHz), 435.2 MB
Maxtor 4D060H3 DAH017K0 (Capacity: 60.06 GB)
1 x 100baseTX (WAN)
2 x 1000baseTX (LAN / Public Wifi)

Offline mcrane

  • Sr. Member
  • ****
  • Posts: 495
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #71 on: March 16, 2010, 12:12:00 pm »
DigitalJer the list you linked to seems to be free to use and I like the idea of an ad block category so I will add it as time permits. Main problem with granular control is some of these lists are very large so large we can't just display them in a textarea without killing the browser I've been thinking about a way to page through the list of domains.

Offline Knyte

  • Jr. Member
  • **
  • Posts: 64
    • View Profile
Re: DNS Blacklist, New Package! Check it out.
« Reply #72 on: March 16, 2010, 01:08:34 pm »
... the list you linked to seems to be free to use and I like the idea of an ad block category so I will add it as time permits.

Sweet! tyvm - looking forward to it :)
1.2.3-RELEASE (FreeBSD 7.2-RELEASE-p5 i386)
AMD Athlon(tm) 64 Processor 3000+ (1.81 GHz), 435.2 MB
Maxtor 4D060H3 DAH017K0 (Capacity: 60.06 GB)
1 x 100baseTX (WAN)
2 x 1000baseTX (LAN / Public Wifi)

Offline tommyboy180

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 976
    • View Profile
    • TomSchaefer.org
Re: DNS Blacklist, New Package! Check it out.
« Reply #73 on: March 16, 2010, 06:57:01 pm »
I really like the package. Thank you.
-Tom Schaefer
SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM
TomSchaefer.org/pfsense
Please support Countryblock | IP-Blocklist | File Browser | Strikeback Here

0x00

  • Guest
Re: DNS Blacklist, New Package! Check it out.
« Reply #74 on: March 18, 2010, 07:19:52 am »
@DigitalJer
i've been using MVPS hosts file for years too :) i've installed pfsense yesterday and i'm trying new stuff currently :)  i just included the MVPS list (domains only) to the "/usr/local/www/packages/dnsblacklist/blacklists/ads/domains" file and it works fine.

furthermore i've changed redirection to localhost/127.0.0.1 in dnsblacklist.php because i really don't like sending any information more than necessary to google :)


is it also possible to use pfsense's /etc/hosts file for blocking those domains? i guess it wouldn't eat that much memory (correct me if i'm wrong) because dnsmasq simply looks up the /etc/hosts file and sees the localhost redirection entries and forwards that to the client instead of holding everything in memory (which is limited on my alix board).
i'm new to pfsense and simple editing /etc/hosts didn't work because something always overwrites the file (i guess it is the "Register DHCP leases in DNS forwarder" setting).
[edit]
just found /etc/inc/system.inc and changed function system_hosts_generate() to append my host list to /etc/hosts :) skipping DNS blacklist package.
[/edit]
« Last Edit: March 18, 2010, 08:12:40 am by 0x00 »