Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Newbie config

    pfBlockerNG
    2
    2
    305
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vitaprimo last edited by

      I've been trying to setup pfBlockerNG to block everything but my country and then manually adding IP addresses as needed but I'm failing horribly on how to do so.

      I tried adding a whitelist alias at the system firewall but I don't know how to link it to pfBlockerNG. I tried making a list in pfBlockerNG's IPv4 tab but it seems it downloads premade lists from some server, it doesn't maintain/edit them. Then I tried enabling the Suppression function on the package but the little plus sign to whitelist IP addresses won't appear because the blocked IP addresses are coming from a country list, I believe.

      I have three WAN interfaces with several rules under them already and I'm afraid to toy with the Rule Order box in the General tab because I don't know if it will mess up my rules. I also saw in the system firewall a new alias "pfBlockerNGSuppress", could I just add the IP addresses I want whitelisted there and pfBlockerNG will sort everything out? Wishful thinking, maybe?

      Here's my config:



      1 Reply Last reply Reply Quote 0
      • BBcan177
        BBcan177 Moderator last edited by

        You can't "Suppress" IPs for GeoIP blocked IPs…

        Create a "Whitelist" Alias in the IPv4 and/or v6 tab.
        Add the IPs that you want to allow into the Custom list at the bottom.
        Set the Action to "Permit Outbound"

        Goto the General tab and ensure that the "Rule Order" places the Permit rules above your Blocked rules..

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy