Netgate Discussion Forum

    Pfblocker: Making One IP on LAN skip everything pfblocker does

    • x2rl

      Is there a way to make one IP (10.0.0.52) on my local LAN skip/miss pfblocker 100%?
      So pfblocker does not do anything at all to that computer.

      Thanks

      • chrcoluk

        Just had a quick look around the GUI. I think it's possible, but not in a one-click manner.

        So pfblockerng filters via DNSBL and IP based BL.

        The latter is done solely via the firewall, so modifying the firewall for that LAN IP to bypass should be possible, although you may need to adjust an option in pfblockerng related to rule ordering so custom rules are processed before pfblockerng rules.

        The former is done via DNS manipulation, and that will direct blacklisted domain names to a local webserver on the firewall, so to bypass that you need to basically send back different DNS query results to the LAN IP. This is possible via an exotic unbound configuration (similar to view statements in BIND).

        pfSense CE 2.8.0
