Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Blocking some permitted geo local IPs

    Scheduled Pinned Locked Moved pfBlockerNG
    4 Posts 2 Posters 780 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      McMurphy
      last edited by

      We have had a number of attempts to access our network from unauthorised users.

      Using pfblockerng I have recently been able to filter out all access attempts from outside Australia which has reduced the number in any 24 hour period from 15,000 to a few hundred.

      I do see in the logs a number of local ip addresses that are still attempting over and over which I would like to block too.

      I had originally thought to add these as individual firewall rules to block however it appears pfsense continually reorders the pfblocker rule to the top of the list which allows them to pass through.

      I see in pfblockerng that there is an IPv4 tab, is this where I could add these IPv4 addresses instead of adding them as individual fw rules? Would I add them as an IPv4 custom list?

      Thanks in advance…

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        You can hit the "+" button to add a new IPv4 alias. Define the options listed. You can click on the blue infoblock icons for further details.

        Add the IPs to the custom list, one per line.

        Then goto the Update tab and hit "Force Update". As you add new IPs select the "update custom list" option at the bottom of the page before updating.

        Note- you can change the rule order options in the general tab, or use "alias type" setting and manually create the firewall rules as required.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • M
          McMurphy
          last edited by

          Thanks for the reply :)

          I am still unsure of what the difference is between blocking IP addresses via pfblockerng IPv4 custom list and listing them individually in the firewall rules.

          Is the former just an easier way to block multiple IP addresses?

          1 Reply Last reply Reply Quote 0
          • BBcan177B
            BBcan177 Moderator
            last edited by

            Either will work… Up to you whats an easier method to manage...

            "Experience is something you don't get until just after you need it."

            Website: http://pfBlockerNG.com
            Twitter: @BBcan177  #pfBlockerNG
            Reddit: https://www.reddit.com/r/pfBlockerNG/new/

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.