Custom aliases using domain name
-
@youngsand1 Hi.. Thank you for showing your support. I created an alias with the url. But it is not blocking.
-
This post is deleted! -
@su30mki said in Custom aliases using domain name:
@nogbadthebad Thank you for the wonderful representation. I am so happy for your effort. Can I assign host based blocking in the network with this method?
Never used it but there's a bit at the bottom:-
I still think you'd be better blocking by AS number.
-
This post is deleted! -
@nogbadthebad I understand that part. How to create an alias for blocking pfsense by pfblockerng? I am very new to pf blockerng. I also have paid blacklist service. Can I load that to pfblockerng?
-
-
Instal lpfBlockerNG-devel
-
Run the setup wizard , define your inbound and outbound interface.
-
Create a rule Firewall -> pfBlockerNG -> IP -> IPv4 as per my screenshot but set it as deny outbound
-
Run update via Firewall -> pfBlockerNG -> Update, the firewall rules will automatically be created
The rules will automatically be created on the inbound and outbound interfaces, give it a go, its quite easy.
Re the paid block list you can, depending on the format, it basically creates tables that are used in firewall rules, check the tables out via Diagnostics -> Tables
-
-
@nogbadthebad Hello.. Thank you for your support. I am sorry for the delay in the reply. I was doing a whole new set up. I have multi wan failover setup done. So in PfblockerNG, The Inbound interface --> WAN1 & WAN2 and The outbound interface --> LAN. Is it the right method?
-
Yup sounds right.
-
@nogbadthebad I am having multiple vlans created in pfsense. Then I think the outbound interface should be all the vlans.
-
Yes.
-
@nogbadthebad Hi, I tried doing it, But it is not blocking facebook. Please find the screenshots.
-
It's deny outbound.
Get it working with ASN numbers they play with the social networking source after.
-
I've just tried it and its an issue with your block list as it doesn't contain valid IP addresses just 0.0.0.0 FQDN.
PfB_Test_v4 Table
IP Address
123.41.54.45
130.211.230.53
160.41.54.45
163.41.54.45
194.41.54.45Rather than using IP try using the DBNS
-
Can you please suggest any list?
-
Have you tried blocking facebook by ASN numbers or like I suggested try the using the list your using in the DBNSL section as per my screenshot.
-
@nogbadthebad Thank you very much.. It is working. Saved my reputation.
-
@su30mki said in Custom aliases using domain name:
@nogbadthebad Thank you very much.. It is working. Saved my reputation.
via IP and ASN number or DNSBL ?
-
@nogbadthebad Now how do I segregate different rules for different vlans?
-
Use alias permit, alias deny, alias match & alias native.
That will just create an alias you can use in firewall rules.
-
@nogbadthebad Can you please help me with a screenshot?
