Custom aliases using domain name

Su30MKI · Nov 21, 2018, 4:54 PM

Is it possible to create custom aliases using domain name and not ip address or use a blacklist in the aliases with dns name and not ip address?

KOM · Nov 21, 2018, 6:39 PM

This post is deleted!

Su30MKI · Nov 22, 2018, 2:52 PM

I want to create the aliases using domain name to block the access to particular website or to use a URL which contains the website of a particular category like shallade black list. I don't want to use the DNS IP I want to use the DNS name.

bepo · Nov 22, 2018, 12:49 PM

Yes it is possible. Just create an alias containing the FQDN and use this as a destination object in a firewall rule.

NogBadTheBad · Nov 22, 2018, 1:32 PM

pfBlockerNG

Block by the ASN number or I think you can use a TLD.

An example using Facebook.

Use deny outbound or use it to create an alias.

KOM · Nov 22, 2018, 2:52 PM

This post is deleted!

Su30MKI · Nov 22, 2018, 6:55 PM

@kom Thank you.. But I am not going to block it with the DNS IP address but with the DNS name.

Su30MKI · Nov 22, 2018, 6:57 PM

@nogbadthebad Thank you for the wonderful representation. I am so happy for your effort. Can I assign host based blocking in the network with this method?

Su30MKI · Nov 22, 2018, 7:03 PM

@youngsand1 Hi.. Thank you for showing your support. I created an alias with the url. But it is not blocking.

KOM · Nov 22, 2018, 7:06 PM

This post is deleted!

NogBadTheBad · Nov 22, 2018, 7:08 PM

@su30mki said in Custom aliases using domain name:

@nogbadthebad Thank you for the wonderful representation. I am so happy for your effort. Can I assign host based blocking in the network with this method?

Never used it but there's a bit at the bottom:-

I still think you'd be better blocking by AS number.

Su30MKI · Nov 22, 2018, 7:11 PM

This post is deleted!

Su30MKI · Nov 22, 2018, 7:20 PM

@nogbadthebad I understand that part. How to create an alias for blocking pfsense by pfblockerng? I am very new to pf blockerng. I also have paid blacklist service. Can I load that to pfblockerng?

NogBadTheBad · Nov 22, 2018, 7:41 PM

Instal lpfBlockerNG-devel
Run the setup wizard , define your inbound and outbound interface.
Create a rule Firewall -> pfBlockerNG -> IP -> IPv4 as per my screenshot but set it as deny outbound
Run update via Firewall -> pfBlockerNG -> Update, the firewall rules will automatically be created

The rules will automatically be created on the inbound and outbound interfaces, give it a go, its quite easy.

Re the paid block list you can, depending on the format, it basically creates tables that are used in firewall rules, check the tables out via Diagnostics -> Tables

Su30MKI · Nov 28, 2018, 6:08 AM

@nogbadthebad Hello.. Thank you for your support. I am sorry for the delay in the reply. I was doing a whole new set up. I have multi wan failover setup done. So in PfblockerNG, The Inbound interface --> WAN1 & WAN2 and The outbound interface --> LAN. Is it the right method?

NogBadTheBad · Nov 28, 2018, 8:47 AM

@su30mki

Yup sounds right.

Su30MKI · Nov 28, 2018, 8:56 AM

@nogbadthebad I am having multiple vlans created in pfsense. Then I think the outbound interface should be all the vlans.

NogBadTheBad · Nov 28, 2018, 2:19 PM

@su30mki

Yes.

Su30MKI · Nov 28, 2018, 2:19 PM

@nogbadthebad Hi, I tried doing it, But it is not blocking facebook. Please find the screenshots.

NogBadTheBad · Nov 28, 2018, 2:24 PM

It's deny outbound.

Get it working with ASN numbers they play with the social networking source after.