IP List Alias from URL in NAT

PhlMike · Apr 4, 2022, 3:04 PM

SG-5100, PFS+ 21.05.2
I have an IP list published to a .txt file and I have a NAT rule currently allowing all to this IP. We want to lock it down to this IP List. I did a search and the only post I could find was from 2017 and it was unanswered.

I created the URL list, and that doesn't seem to show up. Also how often do those lists updates, I could have sworn their was some sort of TTL to them, but it is no longer visible.

SteveITS · Apr 4, 2022, 3:41 PM

@phlmike Are you using a URL alias or a URL table alias?
https://docs.netgate.com/pfsense/en/latest/firewall/aliases.html#url-aliases
"For a URL type alias, the contents of the alias are re-fetched every 24 hours from the stored URL by the firewall."

PhlMike · Apr 4, 2022, 3:51 PM

@steveits I was using an URL Alias (IP) and I changed it to URL Table Alais (IP) and I see the ttl and it is showing as an option in NAT.

Does it take the same format?

SteveITS · Apr 4, 2022, 4:15 PM

@phlmike The same format of file? I would think so.

That doc page says, "For a URL Table alias, the drop-down list after the / controls how many days must pass before the contents of the alias are re-fetched from the stored URL by the firewall. When the time comes, the alias contents will be updated overnight by a script which re-fetches the data."