Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Enforce pfblockerng for specific hosts/networks

    pfBlockerNG
    2
    3
    502
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sparkman123 last edited by

      Is there a way to craft pfblockerng firewall rules such that they are only enforced for certain hosts/networks on the LAN?

      For instance, if I only want to have rules enforced for my VPN clients.

      Thanks

      1 Reply Last reply Reply Quote 0
      • Grimson
        Grimson Banned last edited by

        Sure, use one of the "Alias" options for the "List Action" and create the rules yourself. See: https://forum.pfsense.org/index.php?topic=142225.msg775638#msg775638

        1 Reply Last reply Reply Quote 0
        • S
          sparkman123 last edited by

          Ok thanks. I got that to work.

          But I guess I was looking for a way to bypass the firewall rules as well as DNSBL (i.e. I wanted a subnet on my LAN which would behave as though pfblockerng was not installed).

          I found this post:

          https://forum.pfsense.org/index.php?topic=119031.0

          which seems to suggest that the only way around DNSBL is to push an entirely separate DNS entry for the hosts that will bypass DNSBL. The problem with this though is that these hosts will not be able to take advantage of DNS over TLS as implemented in pfsense.

          Is there any other way to bypass DNSBL?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy