DNSBL FEED BLOCKING NOT WORKING
-
This post is deleted! -
@NogBadTheBad Here is WAN Rules image , I didnt see any IP`s like you shared above. See the snapshot
LAN Rules:
Please help me !!!
-
@faddy0102 said in DNSBL FEED BLOCKING NOT WORKING:
@NogBadTheBad I am trying to block incoming and outgoing both bad IP`s or domain traffic.
They are blocked by default no need to have rules on the WAN the default is deny.
-
There are loads of pfBlocker guides on the internet.
Looks to me like you need to do a few things.
Firewall -> pfBlockerNG -> IP in the IP Interface/Rules Configuration.
Set Inbound Firewall Rules to the WAN interface.
Set Outbound Firewall Rules to the Local LAN interface / interfaces
Then look at why the pfBlocker rules your creating aren't adding any ip addresses.
Show pfB_DNSBLIP.
-
@NogBadTheBad Thanks Man its working now
Much Appreciated ..!!!
-
@NogBadTheBad
Now the second part is i need to through all deny list data to 3rd party platform for visibility to logs on monthly basis.Is there any mechanism to through PF-BLOCKER data to other platform like (API , Syslog etc.)
Please suggest.!!
-
You can't syslog pfblocker events.
But you could syslog everything from pfSense and filter in syslog on the rule ID, it's a bit of a kludge.
-
@NogBadTheBad Hi, Can you please tell me which software are you using for monitoring these logs? Any suggested link ?? It will great help for me.
Thanks
-
That output is from my network attached storage, I send my pfSense logs via syslog to it, it's not great.
-
@NogBadTheBad Okay Brother Thanks i am using Kiwi Syslog for tracking this.
