PfBlockerNG can block a TOR exit node list?
-
I have an Ubuntu system that uses IPSet to create a rule blocking TOR exit nodes for my webserver. I'd like to migrate that to my pfSense install. Is it possible to use this list of TOR exit nodes to create a block list?
https://www.dan.me.uk/torlist/
-
Yes this feed will work in pfBlockerNG. There are a few other feeds for TOR nodes. I am away until next week, but hopefully some other users post those other URLs for you. If not, I will post them when I'm back.
-
A few more, which will work with pfBlocker:
Blut_TOR - https://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv
ET_TOR - https://rules.emergingthreats.net/open/suricata/rules/tor.rules
IBlock_TOR - http://list.iblocklist.com/?list=togdoptykrlolpddwbvz&fileformat=p2p&archiveformat=gz
BDS_TOR - https://www.binarydefense.com/tor.txt
-
Can a list be added via the interface or do I need to use the same ipset / iptables technique in the command line? …which would mean I actually don't need pfBlockerNG at all, right?
-
pfSense uses FreeBSD which does not have iptables functionality. It uses packet Fence instead.
You can either use the pfSense aliastable functionality or use pfBlockerNG for this functionality. This can also be scripted from the shell but what's the point when the functionality exists in the GUI.
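-
If the list is scripted from the shell rather than loaded through pfBlockerNG, the download should be validated before it replaces a live table. The following is an added example, not code from any poster in this thread; it assumes a feed with one address per line, and the function names, file paths and the `tor_exits` table name are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# sanitize_feed: read a plain-text feed on stdin, print unique addresses.
# Comments, blank lines, CR line endings and malformed entries are dropped.
sanitize_feed() {
    tr -d '\r' | awk '
        { sub(/#.*/, ""); gsub(/[ \t]/, "") }   # strip comments and spaces
        $0 == "" { next }
        index($0, ":") {                        # IPv6: loose character check
            if ($0 ~ /^[0-9A-Fa-f:]+$/ && length($0) <= 39 && !seen[$0]++) print
            next
        }
        {                                       # IPv4: four octets, each 0-255
            if (split($0, o, ".") != 4) next
            for (i = 1; i <= 4; i++)
                if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255) next
            if (!seen[$0]++) print
        }'
}

# build_table_file FEED OUT [MIN]: write the sanitized list to OUT.
# Returns 2 and leaves OUT untouched when fewer than MIN entries survive,
# so an error page or empty download cannot silently empty the block list.
build_table_file() {
    feed=$1; out=$2; min=${3:-100}
    tmp="$out.tmp.$$"
    sanitize_feed < "$feed" > "$tmp" || { rm -f "$tmp"; return 1; }
    count=$(wc -l < "$tmp" | tr -d ' ')
    if [ "$count" -lt "$min" ]; then
        rm -f "$tmp"
        return 2
    fi
    mv "$tmp" "$out"
}

# Hypothetical use on the firewall (paths and table name are assumptions):
#   fetch -o /tmp/tor.raw https://www.dan.me.uk/torlist/
#   build_table_file /tmp/tor.raw /var/db/tor_exits.txt &&
#       pfctl -t tor_exits -T replace -f /var/db/tor_exits.txt
```

The minimum-entry guard matters because a block table that is replaced with an empty or HTML error response stops blocking anything without raising an error.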