Newby question re whitelisting in pfblockerng
-
I just started using pfblockerng. One site that I tried to link to (iphoneincanada.ca, which I believe to be a legit site) is blocked, and the firewall logs indicate that this site it blocked on the ET-Block list. How can I whitelist this site (and other individual sites in the future) so that I can reach it?
-
(bump)
Anyone?
-
From the pfSense GUI - Firewall \ pfBlockerNG \ Alerts tab find your entry for click the + symbol to suppress the address. Suppression is enabled from the General tab of pfBlockerNG if you don't already have it enabled.
-
Thanks! I had missed that checkbox, so there were no +'s available to suppress IP addresses. Your instructions fixed the issue.
-
Follow up question:
pfBlockerNG seems to be blocking dropbox.com (specific IP 162.125.32.129:443), with the message in the log being that the address is found on a blacklist IBlock_BT_Hijack 162.125.0.0/16. But there is no "+" sign next to the address to suppress it. How can I whitelist this site so that my computers can connect to dropbox?
-
I landed up disabling the whole list in question (IBlock_BT_Hijack). Is there a more elegant way of accomplishing this?
-
162.125.0.0/16. But there is no "+" sign next to the address to suppress it.
You can only suppress a /32 or /24 you have to make a new alias with 162.125.0.0/16 and allow outbound if you wanted to access the /16.
-
@pfBlockNG:
Enable Suppression
This will prevent Selected IPs from being blocked. Only for IPv4 lists (/32 and /24).
Country blocking lists cannot be suppressed.
This will also remove any RFC1918 addresses from all lists.Alerts can be suppressed using the '+' icon in the Alerts tab and IPs added to the 'pfBlockerNGSuppress' alias
A blocked IP in a CIDR other than /32 or /24 will need a 'Whitelist alias' w/ list action: 'Permit Outbound' Firewall rule
Do not use the pfBlockerNGSuppress Alias in a Firewall Rule. This alias is used during the cron download process only.
