PfBlockerNG

repa · Jan 6, 2016, 4:15 PM

Hi,

we're currently "playing" arround with pfBlockerNG to secure our systems a bit more.

The big question that is currently in the room:

we have some pfsense firewalls with alot of networks behind. Is it possible to use PfBlockerNG and select specific destinations?

So ex: pfB_Africa_V4 is only blocked for network 1.2.3.4/24, but not for other networks.

I can edit the firwall rules, but on next update, the changes are lost.

Thank!

RonpfS · Jan 6, 2016, 4:22 PM

You can use the List Action : Alias Deny/Pass/Match/Native and create you own FW rules using those aliases

repa · Jan 6, 2016, 4:25 PM

thanks for your quick answer!

You mean i can use the pfblockNG Aliases and create my own rules ?

But this will not work, when the rule order is pfB_Block/Reject | All other rules ?

repa · Jan 6, 2016, 4:31 PM

@RonpfS:

You can use the List Action : Alias Deny/Pass/Match/Native and create you own FW rules using those aliases

Okay, got it now, thanks!

BBcan177 · Jan 8, 2016, 10:01 PM

You can also customize the pfBNG firewall rules using the "Adv. Inbound Settings".

The next release will also allow the customization of the "Outbound" Firewall rules… This will make it easier to manage firewall rules instead of manually creating "Alias" Type rules.

repa · Jan 9, 2016, 7:30 AM

@BBcan177:

You can also customize the pfBNG firewall rules using the "Adv. Inbound Settings".

The next release will also allow the customization of the "Outbound" Firewall rules… This will make it easier to manage firewall rules instead of manually creating "Alias" Type rules.

Thanks for your reply.

we have the following condition:

Germany needs to access Host #1, but Germany dont have to enter Host #2

Sweden needs to have access to Host #2 but not to host #1

I think, we can't get this working with pfBlockerNG, right ?

BBcan177 · Jan 9, 2016, 9:56 PM

@repa:

I think, we can't get this working with pfBlockerNG, right ?

Yes