pfBlocker IP list bypass
-
If you set it as block in pfBlocker does the rule get created?
I don't see that custom list in the update logs...
-
@stephenw10 It does not.
-
Ok, so it's probably not populating the list. Or it's not enabled or similar.
-
@stephenw10 Yeah, for some reason it just doesn't see the custom group. I'll open a Redmine.
Also, I do have a Ports Alias that I use in an Inbound Firewall rule in conjunction with GeoIP that's processed without issue.
-
This seems like it might just be the list isn't configured correctly. What is in that list apart from the custom firewall source?
-
Yes, in fact re-reading this it looks like you might have created an empty list and just added the alias in the firewall rules section as a source to use?
That won't create any rules since nothing is actually listed. You probably want to add the IPs directly in the 'IPv4 Custom_List' section.
-
-
@stephenw10 Ok I see what you mean now. My logic was faulty.
But when I add it to the custom IPv4 list those IPs show up as Destinations. I suppose setting it to Alias Native would work, but any way to have the IPs listed in my field set to source?
EDIT: Figured it all out...
Going out for a drink. haha.
@stephenw10 @SteveITS Appreciate y'all
EDIT2: For future me or anyone else who looks back at this.
- Create the custom group with the IPv4 Custom_List IPs.
- Set to Alias Permit.
- Under Floating Rules, create a Pass rule.
- Set the Firewall Auto Rule Order to pfSense Pass...
- Adjust accordingly.
My rule is at the top exactly where I needed it to be.
-
Yup, that's probably how you'd have to do it.
My only concern there is that the pfBlocker auto-rules might get moved above that when they are reloaded. You should check that.
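One way to run the check suggested above after a pfBlocker reload, as an added example that is not part of the original thread: it reads a loaded ruleset in `pfctl -sr` order and confirms the pass rule for the custom alias still precedes every block rule that references a pfBlocker table. The alias name `pfB_Custom_v4`, the sample rule lines, and the assumption that pfBlocker tables are named with a `pfB_` prefix are illustrative.

```shell
#!/bin/sh
# Constructed sample rulesets in the order `pfctl -sr` would print them.
# pfB_Custom_v4 and pfB_Top_v4 are hypothetical alias names.
GOOD_RULES='pass in quick inet from <pfB_Custom_v4> to any flags S/SA keep state label "USER_RULE: allow custom list"
block drop in quick on em0 inet from <pfB_Top_v4> to any label "USER_RULE: pfB_Top_v4 auto rule"'

BAD_RULES='block drop in quick on em0 inet from <pfB_Top_v4> to any label "USER_RULE: pfB_Top_v4 auto rule"
pass in quick inet from <pfB_Custom_v4> to any flags S/SA keep state label "USER_RULE: allow custom list"'

# check_order ALIAS
# Reads rules on stdin. Returns:
#   0  the pass rule for <ALIAS> comes before any pfB_ block rule
#   1  a pfB_ block rule was moved above the pass rule
#   2  no pass rule referencing <ALIAS> was found
check_order() {
  awk -v t="<$1>" '
    /^(block|pass) / && index($0, "<pfB_") {
      n++                                              # position among pfB_ rules
      if ($1 == "pass"  && index($0, t) && !p) p = n   # first pass rule for the alias
      if ($1 == "block" && !b)                 b = n   # first pfB_ block rule
    }
    END {
      if (!p)         exit 2
      if (b && b < p) exit 1
      exit 0
    }'
}

# On the firewall itself the input would come from the live ruleset:
#   pfctl -sr | check_order pfB_Custom_v4
if printf '%s\n' "$GOOD_RULES" | check_order pfB_Custom_v4; then
  echo "pass rule is still above the pfBlocker block rules"
fi
```

With quick rules the first match wins, so a return code of 1 means the block rules would be evaluated before the permit list.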
-
@stephenw10 Still at the top of the rule set.
I made sure to make the following change overnight.