Block List Sticky?
-
Hi.
the netflix stops working. Does anybody know how to get it working again or how to bypass the pfblockerng for specific ip address,
One way: Create an Aliases, named NyWhiteList, with the IPs/Nets your wish allow. And after create a firewall floating rule at top allowing like dst this aliases
Regards
thanks, that worked well. I created an alias of all the IP's that media players have and put them in floating firewall rules and open the ports. thanks for helping me,
molykule -
Hi.
I'm glad it works. :)
Regards.
-
Hello,
Would it be possible to have a sticky thread of current recommended block list sources? I thought something like this might help others searching. I read through a lot of the threads a while back and cobbled a list together, but coming back now, I shudder at reading 100+ pages again.
Thanks!
look at:
https://forum.pfsense.org/index.php?topic=118424.0But an update is coming that fixes all of this if you can wait :)
What update is coming? Is there anywhere I can read about it?
Any idea when it is expected to arrive? -
Always looking for active beta testers… :) PM if interested...
-
Google.com was blocked this afternoon by some DNSBL feed gone rogue. Any possibility of maintaining a sticky list, or an update on the fix mentioned above? Many thanks.
-
Google.com was blocked this afternoon by some DNSBL feed gone rogue. Any possibility of maintaining a sticky list, or an update on the fix mentioned above? Many thanks.
I assume this was due to Phishtank, MPatrol or Openphish. Those feeds post the full url, so there can be some FPs. Whitelist or use the TOP1M whitelist. Keep in mind that the TOP1M can also have malicious domains. So use with caution.
-
Thanks. I turned off all my custom lists and just have EasyLists running … good/bad?
-
Instead of disabling a whole Feed, you can either suppress/whitelist the FP, or for IP blocking, create a Permit Whitelist to allow access to the blocked IP(s).
-
Thanks. Could you possibly post what lists you're currently using (both IPv4 and DNSBL)? I would really appreciate it!
-
+1 on a block list sticky. I'd also like to see different sample blocklist sources for those of use hosting services vs those of us consuming services.
As a host (hosting lots of web sites, so for example all my WordPress sites are constantly scanned, and all http/ftp/ssh etc ports are under constant attack), this is what I'm using as an IPv4 block list:
-
https://isc.sans.edu/block.txt (DShield Top 20 bad guys)
-
http://feeds.dshield.org/top10-2.txt (DShield Port Scanners)
-
https://zeustracker.abuse.ch/blocklist.php?download=badips (ZeuS bad ips - not the most restrictive list but won't have false positives)
-
https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt possibly overlaps the DShield lists? I don't host email so not sure if I need this.
-
http://cinsscore.com/list/ci-badguys.txt CIArmy active threats. This gets by far the most blocks.
This is by no means an endorsement of a proper hosting block list, though it does seem to block quite a bit of bad traffic. In fact, I'd appreciate any suggested changes for a hosting provider that wants to block the worst of the worst while avoiding false positives. Thanks!
EDIT: I found a very good resource of blocklists: http://iplists.firehol.org/ has several. For my use, their Level 3 block list seems to be exactly what I need.
-
