Netgate Discussion Forum

Blocking all but the whitelist.

  • D
    dabone
    last edited by Jun 28, 2018, 12:49 PM

    Is it possible to use this to block all but a few websites using pfBlocker?

    I'd like to just block all DNS requests except for whitelisted domains.

    Thanks.

    • B
      BBcan177 Moderator
      last edited by Jul 1, 2018, 4:18 AM

      Not really in the package, but you could probably do that in the pfSense Unbound Adv. Configuration settings using "local-zone" "static" settings.

      https://www.unbound.net/documentation/unbound.conf.html

      "Experience is something you don't get until just after you need it."

      Website: http://pfBlockerNG.com
      Twitter: @BBcan177  #pfBlockerNG
      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

      • M
        mhab12
        last edited by Jul 2, 2018, 2:47 PM

        https://forum.netgate.com/post/774687

        • B
          BBcan177 Moderator
          last edited by BBcan177 Jul 4, 2018, 2:37 AM Jul 4, 2018, 2:36 AM

          @mhab12 said in Blocking all but the whitelist.:

          https://forum.netgate.com/post/774687

          Using a "dot" in Squid is the same for Unbound. Create a "local-zone" with ".", and then define all the "local-data" entries that you want to allow. Any local-data not defined will return nxdomain.

          From the Unbound docs link posted previously:

          local-zone: <zone> <type>

          **static**
                           If there is a match from local data, the query  is  answered.
                           Otherwise,  the  query  is  answered with nodata or nxdomain.
                           For a negative answer a SOA is  included  in  the  answer  if
                           present as local-data for the zone apex domain.
          

          "Experience is something you don't get until just after you need it."

          Website: http://pfBlockerNG.com
          Twitter: @BBcan177  #pfBlockerNG
          Reddit: https://www.reddit.com/r/pfBlockerNG/new/
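
The allow-only setup described in this thread, as an added example that is not part of any post and is not pfBlockerNG or pfSense code: a small Python generator for the Unbound custom options. The hostnames and addresses are constructed, and `answer()` is a simplified model of the `static` type that considers exact owner names only.

```python
import ipaddress
import re

# Constructed sample allowlist (hypothetical names, documentation-range addresses).
ALLOW = {
    "intranet.example.com": ["192.0.2.10"],
    "mail.example.com": ["192.0.2.25", "2001:db8::25"],
}

_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def fqdn(name):
    """Lower-case, validate and dot-terminate a hostname.

    Quotes, spaces and newlines are rejected so a name cannot break out of
    the quoted local-data string in the generated config.
    """
    name = name.strip().lower().rstrip(".")
    if len(name) > 253 or not all(_LABEL.fullmatch(l) for l in name.split(".")):
        raise ValueError(f"invalid hostname: {name!r}")
    return name + "."

def records(allow):
    """Return sorted (owner, rrtype, address) tuples for every allowed host."""
    out = []
    for host, addrs in allow.items():
        for a in addrs:
            ip = ipaddress.ip_address(a)  # raises ValueError on a bad address
            out.append((fqdn(host), "A" if ip.version == 4 else "AAAA", str(ip)))
    return sorted(out)

def render(allow):
    """Emit the config: a static root zone plus one local-data line per record."""
    lines = ["server:", 'local-zone: "." static']
    lines += [f'local-data: "{o} IN {t} {ip}"' for o, t, ip in records(allow)]
    return "\n".join(lines) + "\n"

def answer(allow, qname, qtype):
    """Simplified model of 'static': data match, else nodata or nxdomain."""
    rrs = [r for r in records(allow) if r[0] == fqdn(qname)]
    if not rrs:
        return "NXDOMAIN", []          # name is not in the allowlist
    return "NOERROR", [r[2] for r in rrs if r[1] == qtype]  # empty list = nodata

if __name__ == "__main__":
    print(render(ALLOW), end="")
```

Each local-data entry is a full resource record, so an allowed name resolves only to the address written in the config.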
