Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Optimizing pfBlockerng configuration

    Scheduled Pinned Locked Moved pfBlockerNG
    1 Posts 1 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mikael.andre
      last edited by

      Hi everybody,

      First of all, I would like to thanks BBCan177 for this work.
      It's a pleasure to have some advance features to block traffic (incoming/outgoing) like commercial solutions I see in my job (Palo Alto, bluecoat, fortinet, etc…)

      I open this topic in order to optimize my pfBlockerng configuration.
      I would like to have somes suggestions about for example in which group it's better to put some URL.
      In IPv4 list, I create four groups : critical, high, medium, low.
      In custom DNS feeds, I create four groups too: Adverts, Malicious, DGA and Hphost_partial.
      In attached files, it's my custom IPv4 blocking lists, easy list configuration and feeds for DNSBL.

      I used following links to set up my configuration:
      https://www.doyler.net/security-not-included/pfsense-dnsbl
      https://laskowski-tech.com/2017/11/28/dnsbl-on-pfsense-tutorial/
      https://forum.it-monkey.net/index.php?topic=22.0
      https://vorkbaard.nl/protect-your-network-with-domain-filtering-on-pfsense-2-4-and-pfblockerng/
      http://supratim-sanyal.blogspot.fr/2017/04/pfsense-pfblockerng-ultimate-list-of-ip.html
      https://forum.pfsense.org/index.php?topic=102470.msg573165#msg573165
      https://forum.pfsense.org/index.php?topic=125911.0
      https://forum.pfsense.org/index.php?topic=86212.600

      In advance, many thanks for your reply.

      Mikaël ANDRE
      pfblockerng_dnsbl_custom_feeds.txt
      pfblockerng_dnsbl_easylist.txt
      pfblockerng_ipv4list.txt

      Best regards,

      Mikaël ANDRE

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.