• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

PFBlockerNg Questions

pfSense Packages
2
6
1.8k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    deanot
    last edited by May 31, 2015, 1:14 PM

    How are you guys running PfBlockerNg? Do you use or block every country or just certain ones?  Right now I am mainly using the top 20 and denying inbound, not really sure how to correctly set this up, but I am seeing constant ICMPs, port scans from China mostly, some Russia and so on.

    Just trying to get a feel on what to look for, what to have set and how to have PfBlockerNg block repeat offenders correctly.

    Many thanks.

    PFSense System Specs.
    –---------------
    Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
    4 CPUs: 1 package(s) x 4 core(s) 4 port HP Branded Intel Ethernet Card

    1 Reply Last reply Reply Quote 0
    • B
      BBcan177 Moderator
      last edited by May 31, 2015, 2:30 PM

      Hi deanot,

      Here are some posts to help…

      https://forum.pfsense.org/index.php?topic=86212.msg486644#msg486644
      https://forum.pfsense.org/index.php?topic=86212.msg505565#msg505565
      https://forum.pfsense.org/index.php?topic=86212.msg501258#msg501258

      If you do have any open ports, you can use the new feature "Adv. Inbound Firewall Settings".

      But in a nutshell... Its not recommended to block the world... Also pfBlockerNG is more than a country blocker... There are several good Lists that publish known malicious IPs that you can block ... But everyone thinks to block the inbound, when they should be focusing on the Outbound primarily... And Inbound only on open ports.

      Link to IP Lists that are available...
      https://forum.pfsense.org/index.php?topic=86212.msg508975#msg508975

      "Experience is something you don't get until just after you need it."

      Website: http://pfBlockerNG.com
      Twitter: @BBcan177  #pfBlockerNG
      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

      1 Reply Last reply Reply Quote 0
      • D
        deanot
        last edited by May 31, 2015, 5:30 PM

        I appreciate your help, I am off to read on the links that you provided.

        PFSense System Specs.
        –---------------
        Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
        4 CPUs: 1 package(s) x 4 core(s) 4 port HP Branded Intel Ethernet Card

        1 Reply Last reply Reply Quote 0
        • D
          deanot
          last edited by Jun 10, 2015, 8:17 PM

          BBcan177, you mentioned using PFBlocker just to block inbound on open ports, I can see how to add ports to an alias, but how do I use PFBlocker to only use the alias ports?.  Is there a walkthrough around or could you explain a little please?

          Many thanks.

          @BBcan177:

          Hi deanot,

          Here are some posts to help…

          https://forum.pfsense.org/index.php?topic=86212.msg486644#msg486644
          https://forum.pfsense.org/index.php?topic=86212.msg505565#msg505565
          https://forum.pfsense.org/index.php?topic=86212.msg501258#msg501258

          If you do have any open ports, you can use the new feature "Adv. Inbound Firewall Settings".

          But in a nutshell... Its not recommended to block the world... Also pfBlockerNG is more than a country blocker... There are several good Lists that publish known malicious IPs that you can block ... But everyone thinks to block the inbound, when they should be focusing on the Outbound primarily... And Inbound only on open ports.

          Link to IP Lists that are available...
          https://forum.pfsense.org/index.php?topic=86212.msg508975#msg508975

          PFSense System Specs.
          –---------------
          Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
          4 CPUs: 1 package(s) x 4 core(s) 4 port HP Branded Intel Ethernet Card

          1 Reply Last reply Reply Quote 0
          • B
            BBcan177 Moderator
            last edited by Jun 10, 2015, 10:04 PM

            Hi deanot,

            The instructions to use the "Adv. Inbound Settings" are here:

            https://forum.pfsense.org/index.php?topic=86212.msg524957#msg524957

            Don't forget to change the "protocol" setting from "any" to "tcp/udp" or as required…

            "Experience is something you don't get until just after you need it."

            Website: http://pfBlockerNG.com
            Twitter: @BBcan177  #pfBlockerNG
            Reddit: https://www.reddit.com/r/pfBlockerNG/new/

            1 Reply Last reply Reply Quote 0
            • D
              deanot
              last edited by Jun 10, 2015, 10:15 PM

              Thank you again, I was attempting it but got confused with all the settings.  I shall go and read, many thanks again….

              PFSense System Specs.
              –---------------
              Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
              4 CPUs: 1 package(s) x 4 core(s) 4 port HP Branded Intel Ethernet Card

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.