IP Blocker / IP Blocklists
-
Wow this is really exciting.. I know this thread is a few weeks old but in my book this is one of the top 3 features I would build into my "ideal" firewall! (also portscan detection/ auto blackhole 'ing) I just had to show my support!! Any chance that this will be in the beta stage of the 2.0 branch or will it first be introduced in 2.0 for the first time?
Either way, whoever thought of adding it, thanx alot. I think it will add an extra layer of protection to any network. (I tried to do this this in m0n0wall but didn't really workout for me) :P
-
This feature already is in the next alpharelease (or when you build your own headrelease from the developers iso).
Btw, portscandetection and auto blackholing can be done with the snortpackage already. Just install it ;-)
-
is this in feature 1.0.1?
-
Snort is available as package like I said already.
-
sorry, i meant the new aliases feature.
-
This feature is not yet available. No timeframe for a release yet. The next major version just is in alpha stage.
-
That'll definitely be a sweet addition to have. Heck, if for nothing else, just to block trojan sites and so on.
I tried linblock.pl (will process same said files into iptables on your linux machine. By the time there are a few thousand entries my dual proc athlon w/ 4Gigs of ram and u320 hard drives just slows to a crawl) Surreal to say the least. It's an old beast, overclocked to hell, intel server gig nic, but even with system loads at 15+ is 100% responsive. Not so with anything large in iptables.
Now the sad part is that in vmware on same said machine, peerguardian, protowall, and other similar programs run just fine and dandy with the exact same lists.
Yeah, I've been a pf fan for a long time. never did like that other brand of cola :-)
In any case, as always, keep up the excellent work, and look forward to continuing releases.
thanks,
andy -
No need for that. We already have this feature in the upcoming aliassystem for version 2.0: http://pfsense.com/~sullrich/pics/SampleAlias.PNG
You then can use these aliases to apply to your custom firewallrules which gives you a lot of flexibility wether to only bloc http, smtp or whatever.
Hoba, why are you using description like "Bad hosts like Russian"? I am from Russia. What do you mean? That all russian hosts are bad? There are much more hackers is EU and US than is Russia, remember this!
-
1. This screenshot is not done by me, I just linked it
2. it reads "known bad hosts …" so it doesn't include ALL russian hosts, china is referenced there btw too
3. it's just an example
4. I don't have any hard feelings against russians or any other nation;D
-
1. This screenshot is not done by me, I just linked it
2. it reads "known bad hosts …" so it doesn't include ALL russian hosts, china is referenced there btw too
3. it's just an example
4. I don't have any hard feelings against russians or any other nation;D
;D
Ok. We are from the same dough, as other people ;)
Happy new year! -
Sorry to resurrect an old thread but does anyone know of any integrated router/firewall/ proxy solution without high mardware requirements which will currently do this?
Or any way to hack m0n0/pfsense to do it?
I am guessing from the comment above that linblock.pl may work on pfsense but maybe i am wrong.Thanks.
-
Just wondering if anything has come of this. I've been getting one too many letters from my ISP and would like to impliment a peerguardian-like solution.