Blocking a list of IP addresses via script
Pelagic last edited by
I'm new to pfSense and would like to Block/Reject a list of several hundred IP addresses and address ranges.
Is there a simple way of scripting this list into an alias to load into my dedicated pfSense machine?
E.g. something like a scripted list of "netsh" commands as you can use in Windows command prompt:
netsh advfirewall firewall add rule name="avoidthissite" dir=out action=block remoteip=123.123.123.017 enable=yes
If this is possible in pfSense, please give an example of the syntax of how would I specify a range of addresses? E.g. 123.123.123.001 - 184.108.40.206, setting "Reject" on the outbound, and "Block" on inbound?
If I create such a script on another computer and put it on a flash drive, what are the steps in getting it into pfSense? (Again, I am new to this environment, and don't know how to use SSH, etc., so it would be really helpful if you can describe the steps.)
KOM last edited by
Instead of guessing at a solution and then asking for steps, why not tell us what you are trying to accomplish?
pfSense supports URL Table aliases:
URL Table Aliases
A URL table alias is a URL that points to a plain text file containing IP and/or CIDR masked network addresses. The URL will be periodically downloaded and refreshed. The contents of the file would look like so:
Come up with a text file and put it on a web server and the rest is easy. pfSense will download the file per the schedule you set and add everything to an alias that you can use in a firewall rule.