Whitelisting advice….



  • Hi BBcan177

    Thanks a lot for PfblockerNG a very powerful addition to any pfSense box I would think.

    I have had DNSBL running for months flawlessly blocking ads for all connected devices - makes an enormous change to the browsing experience.

    As my knowledge with PfSense grew I discovered that other than top_4 blocks I was not applying any ivp4 filtering with Pfblock (other than separate DNSBL).

    I have a question regarding whitelisting..

    Is there any way with Ivp4 blocking (other that a higher order whitelist) to remove IPs from the blocklist?
    What I was looking for is - Like what occurs with DNSBL Custom whitelist? 
    ie. I don’t want to whitelist the IP - I just want to make sure it isn’t in the blocklist.  (which is currently made up of multiple feeds)

    eg.
    Have a whitelist setup of needed to pass IPs (mainly xboxlive related stuff for family) but realise this gives pretty free access and would prefer to have these domains filtered and removed from the blocklist.

    Asking a question is always a good way to come up with  answer – is what I am after the SuppresionList Alias?  I may have failed to look there as was expecting a within pfblockerNG setting (like my experience with pfblockerNG DNSBL whitelisting )

    Thanks for you time

    Glenn


  • Moderator

    To overcome an IP blocked event, you have two choices:

    1. Suppression - This is limited to only /32 and /24 blocked events.

    2. Add the IP to a Permit Alias, that will permit the IP outbound, before the Block rules take effect.


Log in to reply