DNSBL Whitelist in pfSense

Wildcard domains are not supported by pfBlockerNG’s DNSBL. Thus, each subdomain needs to be added to the whitelist separately. We may use a browser to access the domain and confirm whether pfBlockerNG has blocked it. A certificate problem will appear in the browser if the connection is SSL-based. This results from the self-signed nature of the pfSense SSL certificate.

The browser will use an image measuring 1×1 pixels for the website when using plain HTTP connections. The problems can also be seen in the developer console if the website is loading an external script. Lastly, we can inspect the logs to see which pages DNSBL has blacklisted. These are located in the Firewall -> pfBlockerNG -> Logs -> dnsb.log folder.

In order to carry out whitelisting, we can run the below steps:

1. First, go to pfBlockerNG -> DNSBL -> DNSBL -> Custom Domain Whitelist in order to add a domain to the whitelist.

2. Add the domain we want to unblock at the bottom of the list, then click Save.

3. Reloading the filters is the next step. Go to Update -> Reload and choose Reload and DSNBL to accomplish this.

4. The reload will finish in a short while, depending on how many feeds we have.

We can try reloading the page to confirm if the whitelisting was successful. To ensure that nothing has been cached by the browser, it is recommended to perform this task in an incognito window.

[Looking for a solution to another query? We are just a click away.]

Conclusion

To minimize security threats, make sure we are only adding domains or IP addresses from reliable sources to the whitelist. Furthermore, make sure to periodically examine and update the whitelists as needed.