Blocking a list of IP addresses via script

  • Hi,

    I'm new to pfSense and would like to Block/Reject a list of several hundred IP addresses and address ranges.

    Is there a simple way of scripting this list into an alias to load into my dedicated pfSense machine?

    E.g. something like a scripted list of "netsh" commands as you can use in Windows command prompt:
    netsh advfirewall firewall add rule name="avoidthissite" dir=out action=block remoteip= enable=yes

    If this is possible in pfSense, please give an example of the syntax for how I would specify a range of addresses.  E.g. -, setting "Reject" on the outbound, and "Block" on inbound?

    If I create such a script on another computer and put it on a flash drive, what are the steps in getting it into pfSense?  (Again, I am new to this environment, and don't know how to use SSH, etc., so it would be really helpful if you can describe the steps.)


  • Instead of guessing at a solution and then asking for steps, why not tell us what you are trying to accomplish?

    pfSense supports URL Table aliases:

    URL Table Aliases
    A URL table alias is a URL that points to a plain text file containing IP and/or CIDR masked network addresses. The URL will be periodically downloaded and refreshed. The contents of the file would look like so:

    Come up with a text file and put it on a web server and the rest is easy.  pfSense will download the file per the schedule you set and add everything to an alias that you can use in a firewall rule.
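
The original list contains address ranges, while the URL table file described above holds IP and CIDR entries. As an added example (not part of the original thread and not pfSense code), this Python script converts a mixed list of hosts, CIDR blocks and start-end ranges into such a file. The `start-end` input syntax and the `#` comment stripping are assumptions of this example, and the sample addresses are constructed from documentation ranges.

```python
import ipaddress
import sys

# Constructed sample input (documentation address ranges only).
SAMPLE = """\
# hosts, CIDR blocks and start-end ranges, one per line
192.0.2.10
198.51.100.0/25
198.51.100.128/25
203.0.113.5-203.0.113.20
2001:db8::/48
not-an-address
203.0.113.9-203.0.113.1
"""

def parse_entry(text):
    """Return the networks covered by one entry (host, CIDR or start-end)."""
    if "-" in text:
        first, last = (ipaddress.ip_address(p.strip()) for p in text.split("-", 1))
        # Raises ValueError for a reversed range, TypeError for mixed v4/v6.
        return list(ipaddress.summarize_address_range(first, last))
    # Strict parsing rejects CIDR entries with host bits set (e.g. 192.0.2.10/24)
    # instead of silently widening the block to the whole network.
    return [ipaddress.ip_network(text)]

def build_table(text):
    """Return (lines for the URL table file, rejected input entries)."""
    nets, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not entry:
            continue
        try:
            nets.extend(parse_entry(entry))
        except (ValueError, TypeError) as exc:
            rejected.append((lineno, entry, str(exc)))
    # Merge adjacent and overlapping networks; v4 and v6 are collapsed separately.
    v4 = ipaddress.collapse_addresses(n for n in nets if n.version == 4)
    v6 = ipaddress.collapse_addresses(n for n in nets if n.version == 6)
    return [str(n) for n in list(v4) + list(v6)], rejected

if __name__ == "__main__":
    lines, rejected = build_table(SAMPLE)
    print("\n".join(lines))  # redirect this output to the file the web server hosts
    for lineno, entry, why in rejected:
        print(f"line {lineno}: skipped {entry!r}: {why}", file=sys.stderr)
```

Review the rejected entries before publishing the file, since a skipped line means an address you intended to block is missing from the alias.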
