Newby question re whitelisting in pfblockerng

  • I just started using pfblockerng.  One site that I tried to link to (, which I believe to be a legit site) is blocked, and the firewall logs indicate that this site it blocked on the ET-Block list.  How can I whitelist this site (and other individual sites in the future) so that I can reach it?

  • (bump)


  • From the pfSense GUI - Firewall \ pfBlockerNG \ Alerts tab  find your entry for click the + symbol to suppress the address.  Suppression is enabled from the General tab of pfBlockerNG if you don't already have it enabled.

  • Thanks!  I had missed that checkbox, so there were no +'s available to suppress IP addresses.  Your instructions fixed the issue.

  • Follow up question:

    pfBlockerNG seems to be blocking (specific IP, with the message in the log being that the address is found on a blacklist IBlock_BT_Hijack  But there is no "+" sign next to the address to suppress it.  How can I whitelist this site so that my computers can connect to dropbox?

  • I landed up disabling the whole list in question (IBlock_BT_Hijack). Is there a more elegant way of accomplishing this?

  • @pfsensory:  But there is no "+" sign next to the address to suppress it.

    You can only suppress a /32 or /24 you have to make a new alias with and allow outbound if you wanted to access the /16.

  • @pfBlockNG:

    Enable Suppression
    This will prevent Selected IPs from being blocked. Only for IPv4 lists (/32 and /24).
    Country blocking lists cannot be suppressed.
    This will also remove any RFC1918 addresses from all lists.

    Alerts can be suppressed using the '+' icon in the Alerts tab and IPs added to the 'pfBlockerNGSuppress' alias
    A blocked IP in a CIDR other than /32 or /24 will need a 'Whitelist alias' w/ list action: 'Permit Outbound' Firewall rule
    Do not use the pfBlockerNGSuppress Alias in a Firewall Rule. This alias is used during the cron download process only.