Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

www.liveleak.com not working #5

Closed
pcdiks opened this issue Jul 16, 2020 · 3 comments
Closed

www.liveleak.com not working #5

pcdiks opened this issue Jul 16, 2020 · 3 comments
Labels
exceptions

Comments

@pcdiks
Copy link

pcdiks commented Jul 16, 2020

The site www.liveleak.com is not working properly.
This ip is blocked that causes the problem: 104.16.133.229

Could you solve this?
@jpgpi250
Copy link
Owner

Nothing to fix here, the IP (104.16.133.229) and the IPv6 equivalent are already in the exceptions list.
I warned in all my posts that you need to make exception rules, using the exception files for specific devices, clearly, if you created these rules, they aren't working.
There is currently only one DNS entry that requires an exception (dns.cloudflare.com), because they host regular DNS (port 53), DoH (port 443) and content (cdnjs.cloudflare.com) behind the same IP address.

Don't know about the exception rules? read here.

@pcdiks
Copy link
Author

pcdiks commented Jul 17, 2020

Yes, I have implemented the exceptions and after disabling the rules to block DoH the site still does not work so it’s something else.
I do think your exception rules are not correct. In your pdf you show that the source must be an ip on the block list and the target must be the exception. Traffic on the lan interface can never have a source ip that is not on the lan. If you remove the source or change the source to lan net you have a rule that is technically correct.

@jpgpi250
Copy link
Owner

jpgpi250 commented Jul 17, 2020
edited
Loading

www.liveleak.com works perfectly in my environment, with the rules, described in the pdf. I can see in the logs, the exception rule is trigered (dns.cloudflare.com points to both 104.16.133.229 and 104.16.132.229

image

quote
In your pdf you show that the source must be an ip on the block list and the target must be the exception.
/quote

the source must be an ip on the block list This is wrong!

In the block rules, the source is any, the target is the block list
In the exception (allow) rules, the source is the alias used to define your devices that require an exception, the target is the exception list

The IP, used in the pdf (pfsense configuration / defining the exception alias ) is an example. I assume this is obvious, you need to enter your own IP addres(es)

check your rules again...

edit
looking at this problem, I understand the documentation is somewhat confusing. To eliminate this confusion, I changed the names of the aliases, this to (hopefully) make things more clear.
/edit

@pcdiks pcdiks closed this as completed Jul 18, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
exceptions
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pcdiks @jpgpi250