Blocking all but the whitelist.

dabone

Is it possible to use this to block all but a few websites using pfblocker.

I'd like to just block all dns requests except for whitelisted domains.

Thanks.

BBcan177

Not really in the package, but you could probably do that in the pfSense Unbound Adv. Configuration settings using "local-zone" "static" settings.

https://www.unbound.net/documentation/unbound.conf.html

mhab12

https://forum.netgate.com/post/774687

BBcan177

@mhab12 said in Blocking all but the whitelist.:

https://forum.netgate.com/post/774687

Using a "dot" in Squid is the same for Unbound. Create a "local-zone" with ".", and then define all the "local-data" entries that you want to allow. Any local-data not defined will return nxdomain.

From the Unbound docs link posted previously:

local-zone: <zone> <type>

**static**
                 If there is a match from local data, the query  is  answered.
                 Otherwise,  the  query  is  answered with nodata or nxdomain.
                 For a negative answer a SOA is  included  in  the  answer  if
                 present as local-data for the zone apex domain.