pfblockerNG - Do not Block on specific specific Interface



  • Hi I've setup pfsense and successfully installed pfblockerng-devel and it's working blocking ads using pi hole list. but I experience some kind of problem, I have 5 VLAN interface and I want some interface to NOT participate in the blocking I want the interface to access everything. how to do this? I saw this option in dnsbl but still all interface is participating in the blocking
    0_1538063104823_65f6e0ae-1e03-47ec-adf7-2c10b85920d2-image.png


  • Moderator

    The permit Firewall rule is not designed to bypass DNSBL... Its only needed to create a firewall rule so that the vlans can access the DNSBL webserver without the browser timing out...

    See the following to configure an Unbound "views" manual option:
    https://forum.netgate.com/topic/129365/bypassing-dnsbl-for-specific-ips



  • Hi BBcan177,

    Can you please share where to manually configure the unbound rules? so that I can manually bypass dnsbl for the specific IP range. thanks.


  • Moderator

    @soltesandrew said in pfblockerNG - Do not Block on specific specific Interface:

    Can you please share where to manually configure the unbound rules? so that I can manually bypass dnsbl for the specific IP range. thanks.

    In pfSense > Services > DNS Resolver > Custom options



  • Hi BBcan177,

    Found it, I will try to manually bypass DNSBL. and Thank you so much for your hard work in pfblockerNG :)



  • @bbcan177 Dear BB, first of all, thanks for creating this great package. I've been playing with it for a couple of days but can't seem to find the correct config for me.

    I have a kind of specific situation. I have my WAN (which fails regularly), so I have setup a USB Drive from my local cellphone company (which is very reliable, but I only have 5 GB per month quota). I have them setup as a Failover Wan, meaning, when WAN goes offline the USB goes online automatically.

    The problem I've had the last couple of months is that my WAN goes offline (we don't even notice when its offline) and my family keeps on using the internet as usual (youtube, netflix, facebook etc etc) so the USB drive runs out in a matter of days.

    So I would like to only block all the high bandwith services on the USB Drive (opt1 inteface), so when my wan is offline, everybody is able to use the internet, but not use the high bandwith services.

    Is this possible with the current version of Pfblocker?

    My bottom line is that I would like to apply the PFBlocker to the opt1, but not to the WAN interface.



  • @rmalla said in pfblockerNG - Do not Block on specific specific Interface:

    @bbcan177 Dear BB, first of all, thanks for creating this great package. I've been playing with it for a couple of days but can't seem to find the correct config for me.

    I have a kind of specific situation. I have my WAN (which fails regularly), so I have setup a USB Drive from my local cellphone company (which is very reliable, but I only have 5 GB per month quota). I have them setup as a Failover Wan, meaning, when WAN goes offline the USB goes online automatically.

    The problem I've had the last couple of months is that my WAN goes offline (we don't even notice when its offline) and my family keeps on using the internet as usual (youtube, netflix, facebook etc etc) so the USB drive runs out in a matter of days.

    So I would like to only block all the high bandwith services on the USB Drive (opt1 inteface), so when my wan is offline, everybody is able to use the internet, but not use the high bandwith services.

    Is this possible with the current version of Pfblocker?

    My bottom line is that I would like to apply the PFBlocker to the opt1, but not to the WAN interface.

    Hello All,

    Any news on this?