pfblockerng



  • Hi guys,

    Im busy testing Pfblockerng Dev with shallalist dnsbl categories. Is it possible to create aliases for each category instead of one global DNSBL? Basically making pfblockerng to create an alias for each category referenced in shallalist so you can create manual firewall rules using those aliases pointing to lets say social networks?

    Basically I want to do the following. Create a Lan rule with a pfsense alias containing all the Managers ip addresses as source and destination using pfblockerng's social network category. If the rule is matched it should redirect to pfblockersng blocked page.

    We already use squidguard, but https mitm is just a nighmare with the blocked page especially with byod and installing root ca certificates on all the devices.

    Regards



  • @riaanwest said in pfblockerng:

    Basically making pfblockerng to create an alias for each category referenced in shallalist so you can create manual firewall rules using those aliases pointing to lets say social networks?

    You can't use FW_Rules with DNSBL tables.

    DNSBL operate on the Domain Name space.

    Firewall rules operate on the IP space.