Netgate Discussion Forum

    pfBlockerNG Rules - Are IP and DNSBL Rules Combined?

    Firewalling
      bitperfect

      Hello, I searched but cannot find a definitive answer. I am a new pfSense user and installed pfBlockerNG. When I look at my firewall floating rules, I only see 2 that reference the IP lists. My dashboard seems to suggest the DNSBL aliases are applied to the firewall rules but there is no number in parentheses next to the green up arrows. I wanted to confirm if my setup looks correct. Thank you for your help.

        SteveITS Galactic Empire @bitperfect

        @bitperfect DNSBL uses DNS blocks...the domain now resolves to an invalid IP. They aren't firewall rules at all. The widget is just counting blocks for you.

        The firewall rule there is for the PRI1 feed/category.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

          bitperfect @SteveITS

          @SteveITS Thank you for the explanation. I took a look at the block lists and it is crazy the volume of ads and other packets traversing through our networks without our knowledge. Wish I had done this sooner!

            provels @bitperfect

            @bitperfect I run Pihole on a tiny VM ahead of pfB. Clients look to the Pi, Pi looks to pfB/Resolver. With the blocklists I have enabled there, this is blocked, plus whatever else pfB does. It's amazing everything still works!

            Peder

            MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
            BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)
