How do I set exceptions?

  • Hi,

    i've moving from Sophos UTM to pfSense and also pfBlockerNG.

    I've blocked generally a whole bunch of countries -> Deny In and Outbound

    How do i can set exceptions like these:
    A Picture is more than 1000 words  :D

  • By default, pfSense blocks all inbound traffic, so if you don't have any open ports, this is a wasted effort.

  • @bartkowski:

    …don't have any open ports...

    But, I have opened a few ports.
    I also want to block the outgoing, only if a http/s connection in the selected countries, as seen in the screenshot above

  • You may need to think about this in the opposite way. Instead of blocking, think about what countries you want to allow. You then create "alias" lists in pfBlockerNG which can be used to create your own firewall rules. 
    Depending which country list is shorter (allowed or blocked), I would start there, and remember you can always set "Invert Match" to accomplish what you want.

Log in to reply