Netgate Discussion Forum

    Block a list of specific ip with pfblocker

    • SamKook

      I'm trying to use pfblocker to prevent some specific people from accessing my network and I can't seem to make it work.

      I've set the inbound connection on WAN and the deny action to block, it created a firewall rule (2 identical ones actually, not sure why) and the widget has a green arrow pointing up so I assume it's online and it says there is 1 CIDR for the alias I created.

      This alias is set to deny inbound, never update and I didn't specify anything in the CIDR custom list. It loads a .txt list that contains all the IPs I want to block, 1 per line (I also tried adding /32 at the end of the IP, but it also didn't work). This is where I assume I'm doing something wrong like my list not being in the right format or something, but I can't seem to find any specific info on that.

      It would be really appreciated if someone could help me figure this out.

      • rjcrowder

        @SamKook:

        I'm trying to use pfblocker to prevent some specific people from accessing my network and I can't seem to make it work.

        I've set the inbound connection on WAN and the deny action to block, it created a firewall rule (2 identical ones actually, not sure why) and the widget has a green arrow pointing up so I assume it's online and it says there is 1 CIDR for the alias I created.

        This alias is set to deny inbound, never update and I didn't specify anything in the CIDR custom list. It loads a .txt list that contains all the IPs I want to block, 1 per line (I also tried adding /32 at the end of the IP, but it also didn't work). This is where I assume I'm doing something wrong like my list not being in the right format or something, but I can't seem to find any specific info on that.

        It would be really appreciated if someone could help me figure this out.

        I'm not sure I understand your use case and why you are using pfblocker? I'm not using it, but I believe pfblocker is intended to make it easier to block outbound connections to large groups of sites. Is that what you are trying to do? If not, just use firewall rules…

        • marcelloc

          pfBlocker can block incoming and outgoing connections, but in your case, built-in aliases and rules can do the job.

          Create a host alias, insert your denied IPs and insert a rule on WAN with source=alias_you_created and destination wan_subnet.

          Elite Training: http://sys-squad.com

          Help a community developer! ;D

          • SamKook

            Thanks, I now created an alias and blocked it with a rule. I'll have to test it the next time someone tries to hack my server to make sure I set it right.

            I tried to use pfblocker because the first thing that came up when I searched for "block ip pfsense" was IP-Blocklist and since it was replaced by pfblocker, I tried it.

            I still have a lot to learn about what I can do with a firewall that powerful and so little free time to do it.

            Once again, thanks for the help, it's much appreciated.

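A pre-flight check for the one-IP-per-line list discussed in this thread, added here as an example and not posted by any participant: it normalizes entries for pasting into a host alias and reports the lines that would not parse as a single host. The function name, the `#` comment handling and the sample addresses (documentation ranges) are assumptions; the thread does not state what list format pfBlocker expects.

```python
import ipaddress

# Constructed sample: BOM, Windows line endings, a /32 duplicate, a comment,
# a host address with a wrong mask, an invalid octet and a whole network.
SAMPLE = (
    "\ufeff192.0.2.10\r\n"
    "192.0.2.10/32\r\n"
    "198.51.100.7   # repeated SSH attempts\r\n"
    "\r\n"
    "203.0.113.5/24\r\n"
    "198.51.100.300\r\n"
    "203.0.113.0/24\r\n"
)

def normalize_blocklist(text):
    """Return (hosts, problems) for a one-entry-per-line IP list."""
    hosts, problems, seen = [], [], set()
    # Drop a UTF-8 byte-order mark that some editors prepend to .txt files.
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # remove comments and whitespace
        if not entry:
            continue
        try:
            # strict=True rejects entries such as 203.0.113.5/24 (host bits set)
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError as exc:
            problems.append((lineno, entry, str(exc)))
            continue
        if net.num_addresses != 1:
            problems.append((lineno, entry, "network, not a single host"))
            continue
        host = net.network_address  # 192.0.2.10 and 192.0.2.10/32 are equal
        if host in seen:
            problems.append((lineno, entry, "duplicate"))
            continue
        seen.add(host)
        hosts.append(str(host))
    return hosts, problems

if __name__ == "__main__":
    ok, bad = normalize_blocklist(SAMPLE)
    print("host alias entries:", *ok, sep="\n  ")
    for lineno, entry, reason in bad:
        print(f"line {lineno}: {entry!r} skipped ({reason})")
```
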