pfBlockerNG Permit Inbound Wildcard Domain

  • Hello,

    I have been using pfblocker for geoIP blocking only. Recently, I've discovered that manual rules put within the pfblocker rules get bumped down the list every cron update.

    I am trying to make a permanent exception to allow inbound requests from *

    In the IPv4 tab, the rule list is set to "Whois" and source I've set to * This fails during update.

    Any ideas how I can whitelist IPs that resolve to a wildcard domain such as this one?

    Maybe this will help... Is there a way I can parse and whitelist Amazon IP Ranges?

  • To my surprise, my attempts at getting the AWS IPs whitelisted actually work--just needed to clear my firewall states.

    For those wondering, this is what I did... This is assuming all AWS server IPs are trusted.

    • Firewall/pfBlockerNG/IPv4>+Add
    • Alias Name: AWS
    • List Description: Allow AWS Inbound
    • IPv4 Lists: Format-Auto, State-Hold, Source-, Header/Label-aws
    • List Action: Permit Inbound
    • Update Frequency: Weekly
    • Other fields default should be okay.

    If you want to specify ports, set and enable a Custom DST Port under "Advanced Inbound Firewall Rule Settings".

    Otherwise save, and run pfblocker update in Firewall/pfBlockerNG/Update.

    For immediate results you might need to clear firewall states in Diagnostics/States/Reset States.
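
Added example, not part of the original posts: the steps above trust every AWS address, so this sketch narrows a range list to chosen regions and services before it is used for a Permit Inbound alias. It assumes the JSON layout of AWS's published ip-ranges.json (`prefixes` entries with `ip_prefix`, `region`, `service`); the sample prefixes, the function name `permit_list`, and the selected region and service are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample in the ip-ranges.json layout. The addresses are
# documentation ranges (RFC 5737), not real AWS prefixes.
SAMPLE = json.loads("""
{
  "syncToken": "0",
  "createDate": "1970-01-01-00-00-00",
  "prefixes": [
    {"ip_prefix": "198.51.100.0/25",   "region": "us-east-1", "service": "EC2"},
    {"ip_prefix": "198.51.100.128/25", "region": "us-east-1", "service": "EC2"},
    {"ip_prefix": "198.51.100.0/24",   "region": "us-east-1", "service": "AMAZON"},
    {"ip_prefix": "203.0.113.0/24",    "region": "eu-west-1", "service": "EC2"},
    {"ip_prefix": "192.0.2.0/24",      "region": "us-east-1", "service": "S3"}
  ]
}
""")


def permit_list(doc, regions, services):
    """Return collapsed IPv4 CIDRs whose region AND service are both allowed."""
    nets = []
    for entry in doc.get("prefixes", []):
        if entry.get("region") in regions and entry.get("service") in services:
            # strict=True raises ValueError on a prefix with host bits set,
            # so a malformed entry is rejected rather than silently widened.
            nets.append(ipaddress.ip_network(entry["ip_prefix"], strict=True))
    # Merge adjacent and overlapping ranges so the resulting alias stays small.
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    # Hypothetical policy: only EC2 hosts in one region may connect inbound.
    for cidr in permit_list(SAMPLE, {"us-east-1"}, {"EC2"}):
        print(cidr)  # one CIDR per line, plain text
```

Combined with a Custom DST Port, a filtered list like this exposes the service to far fewer addresses than a rule permitting all of AWS.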

  • Moderator

    More info here.... I'd like to add a page for this in the GUI, but too much to do with so little time....

    ps - Come and subscribe to the reddit page :)