Netgate Discussion Forum

    Performance better with aliases or pfBlockerNG for filtering inbound IPs [solved]

    • noplan

      out of curiosity ..

      best way to get best performance

      put > 600 unique IPs into an alias and use it in a firewall rule
      (number growin)

      or use

      pfBlockerNG / IP for inbound

      brNP

      • johnpoz LAYER 8 Global Moderator

        Where are these IPs from? If they are list based, say geoip ranges - you can just let pfblocker maintain the aliases. Just use pfblocker in alias mode.. That is how I use it.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07 | Lab VMs 2.8, 25.07

        • noplan

          no those IPs are kind of blocklist from knockin on open ports or tryin to connect to
          put from the log files into the alias

          and those aliases have grown over the years
          short said noise in the log file

          thx for the hint
          pfblocker maintain the aliases

          • johnpoz LAYER 8 Global Moderator

            You can also just maintain your own aliases based on list.. Example I have this one.

            [Image: aliases.jpg]

            Comes down really to where you are getting the list and what is easier ;) But sure, not running pfblocker if you don't need/want it would be less resources used.

            • noplan

              thanks for the hint with the URLs in Aliases totally missed that one !
              great.

              pfB is runnin on the box and doin a nice job.

              so i put the IPs in a list and put it on the box for starters :)
              after sortin and deletin and checkin (google shodan censys ....) 400 unique remained

              next step is to put it on a server for easy maintenance and deployment

              thanks

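The sort-and-dedupe step discussed in this thread, as an added example that is not part of the original posts: it turns a hand-collected list of log entries into a one-entry-per-line file suitable for hosting as a list-based alias source. The function name `build_blocklist`, the `PROTECTED` defaults and the sample entries are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: entries as they might be pasted out of firewall logs
# (documentation-range addresses, a duplicate, a LAN host and a junk line).
SAMPLE_ENTRIES = """\
203.0.113.7
203.0.113.7
203.0.113.6   # seen again
198.51.100.0/25
198.51.100.128/25
192.168.1.10
not-an-ip
2001:db8::1
"""

# Ranges that must never land in a block alias (assumed default; extend per site).
PROTECTED = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
             "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")

def build_blocklist(raw, protect=()):
    """Return (lines, rejected): deduplicated, CIDR-collapsed entries ready
    to write one per line, and the input entries that were dropped."""
    guard = [ipaddress.ip_network(p) for p in (*PROTECTED, *protect)]
    nets = {4: [], 6: []}
    rejected = []
    for line in raw.splitlines():
        entry = line.split("#", 1)[0].strip()   # allow trailing comments
        if not entry:
            continue
        try:
            # strict parsing: a CIDR with host bits set is rejected, not widened
            net = ipaddress.ip_network(entry)
        except ValueError:
            rejected.append(entry)
            continue
        if any(g.version == net.version and g.overlaps(net) for g in guard):
            rejected.append(entry)              # would block protected space
            continue
        nets[net.version].append(net)
    lines = []
    for version in (4, 6):
        # collapse_addresses removes duplicates and merges adjacent ranges
        for n in ipaddress.collapse_addresses(nets[version]):
            lines.append(str(n.network_address) if n.num_addresses == 1 else str(n))
    return lines, rejected

if __name__ == "__main__":
    entries, dropped = build_blocklist(SAMPLE_ENTRIES)
    print("\n".join(entries))
```

Review the rejected list before publishing the file: an entry dropped for overlapping protected space usually means a log line was misread.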