Static and Dynamic IPs Pass rules

Yamka

Hi everyone!

I’ve been experiencing some issues with pfBlockerNG and would really appreciate some guidance on the best approach.

I initially tried using the DNSBL whitelist, but it hasn’t worked for me so far, so I’ve set that option aside for now.

From my research, one potential solution to allow specific IP addresses is to create an Alias (named alphabetically before the pfblockerNG Auto-Rules) with specified ports. Would this be a viable approach?

My main struggle is allowing WhatsApp (for example) traffic through my firewall, as well as other platforms that rely on dynamic IPs. While I can manage static addresses with the solution above, dealing with dynamic ones has been quite challenging. I’ve explored CIDR blocks, relevant ports, and IP pools, but the process has been confusing.

Would creating an Alias with a URL table that dynamically retrieves WhatsApp’s IPs (DNSlytics?) be an effective solution? Or is there a better way to handle this?

I have tried different approaches but as they haven’t been working i’ve been left confused on all the potential solutions and ways.

Any advice on how to allow WhatsApp communications through pfBlockerNG, and more generally, the best practices for handling these situations (dynamically / statically) where I want to let pass adresses pfblockerNG is blocking would be greatly appreciated.

Thanks in advance for your enlightment :)))

Bob.Dig

@Yamka said in Static and Dynamic IPs Pass rules:

My main struggle is allowing WhatsApp (for example) traffic through my firewall

Why is it blocked in the first place?