Netgate Discussion Forum

How to block an ip range from any company.

  • A
    anttechs
    last edited by Feb 16, 2019, 12:55 PM

    I know I should know this by now with pfSense and pfBlocker.
    Stupid question, but I just want to make sure I'm doing it right and that it is that easy.

    Make an alias and add the ranges from a WHOIS check and that's it?

    [screenshot]

    Is it that easy and straightforward?

    [screenshot]

    I'll say it again, I do love the way BBCAN177 got a DNSBL with the BBC in it lol, that's great, still keep the anti corps coming I say lol

    [screenshot]

    I do love my tools plugin :)

    Intel(R) Celeron(R) CPU J1900 @ 1.99GHz
    Current: 1992 MHz, Max: 1993 MHz
    4 CPUs: 1 package(s) x 4 core(s)
    AES-NI CPU Crypto: No
    8 Gig RAM
    250GB SSD

    https://ant-techs.is/ip-blocklists

    • C
      CyberMinion
      last edited by Feb 17, 2019, 5:21 AM

      That's the first step. You can also use the import button under Aliases to enter a blob of addresses.

      Then, go to Firewall > Rules and add a rule for each alias. You can block just LAN (going out) or WAN (coming in), or use a floating rule. In the rule, include the alias and what you want to do (block or reject).

      • A
        anttechs
        last edited by Feb 17, 2019, 3:28 PM

        That's cool to know, thanks, as I was wondering about the LAN side of it.
        Thank you very much for the info ;)

        • C
          CyberMinion
          last edited by Feb 17, 2019, 9:55 PM

          @anttechs I'm glad I could help. Actually though, I'm just passing on what I just recently learned in this forum. I had to ask a similar question recently.

          FYI, the link in your signature seems to be broken (returns 404). I can access the main site, but your permissions settings block further exploring.

          • G
            Gertjan
            last edited by Gertjan Feb 18, 2019, 8:39 AM Feb 18, 2019, 8:38 AM

            facebook.com
            is not only
            [screenshot]

            Your image indicates that facebook uses one (1) IPv6.
            They own entire AS's with huge IPv6 ranges.
            IPv4: same thing.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            • A
              anttechs
              last edited by Feb 20, 2019, 1:36 PM

              Yes, I'm still learning, but I thought that was the IPv6 range. That's my little example, but what do you think of this?

              Is this what it should look like or have I got a lot more to think about when blocking big names?

              [screenshot]

              • G
                Grimson Banned
                last edited by Grimson Feb 20, 2019, 2:33 PM Feb 20, 2019, 2:33 PM

                You need to learn the difference between a single IP, an IP range and a network.

                RTFM:
                https://docs.netgate.com/pfsense/en/latest/book/network/index.html
                https://docs.netgate.com/pfsense/en/latest/book/firewall/aliases.html#network-aliases

                • C
                  CyberMinion
                  last edited by CyberMinion Feb 20, 2019, 10:33 PM Feb 20, 2019, 10:27 PM

                  Yeah, those are single addresses. You will need ranges, using CIDR notation, like 10.10.0.0/24, or simply a dash, like "1.1.1.1-2.2.2.2". Be careful with these, as it is easy to block too much if you don't know what you are doing, and really mess things up. As long as you don't block your access to the firewall, you can do a little trial and error if needed, though.

                  Facebook has so many IPs though, it's not even funny. They also use datacenters which other companies use, so in an attempt to block Facebook, you may be killing off hundreds of other websites and services running from the same datacenter, or another similar connection. Entire governments are struggling to block services like Facebook, so it's probably not going to be all that easy. This is still something good to learn, but would you be better off just using something like pfBlockerNG's DNSBL? With that, you can just specify that "Facebook.com" should be redirected to a dummy internal server, thus preventing access. For this to work, you do need to have your own DNS server, but pfSense makes that easy.

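The distinction the thread ends on (single address, dash range, CIDR network) and the warning about blocking too much can be checked before anything is pasted into an alias. The following is an added example, not part of any post above: it normalizes mixed entries to CIDR networks and refuses any entry that overlaps a network you must keep reachable. The sample addresses are constructed documentation ranges, and the `PROTECTED` network and function names are assumptions.

```python
import ipaddress

# Constructed sample alias entries (documentation ranges, not real company ranges).
SAMPLE_ENTRIES = [
    "198.51.100.7",              # single address
    "203.0.113.0/24",            # network in CIDR notation
    "192.0.2.10-192.0.2.40",     # dash range
    "2001:db8:1::/48",           # IPv6 network
    "10.10.0.0-10.10.1.255",     # range that overlaps the protected LAN below
]

# Assumed network that must never land in a block alias (firewall/LAN management).
PROTECTED = [ipaddress.ip_network("10.10.0.0/24")]


def entry_to_networks(entry):
    """Expand one entry (address, CIDR or start-end range) into CIDR networks."""
    entry = entry.strip()
    if "-" in entry:
        start, end = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
        if start.version != end.version or start > end:
            raise ValueError(f"bad range: {entry}")
        return list(ipaddress.summarize_address_range(start, end))
    # strict=True rejects host bits set (e.g. 10.10.0.5/24), a common typo.
    return [ipaddress.ip_network(entry, strict=True)]


def build_alias(entries, protected=PROTECTED):
    """Return (collapsed networks to block, entries rejected for overlap)."""
    nets, conflicts = [], []
    for entry in entries:
        expanded = entry_to_networks(entry)
        if any(n.version == p.version and n.overlaps(p)
               for n in expanded for p in protected):
            conflicts.append(entry)  # would cut off protected hosts; leave it out
            continue
        nets.extend(expanded)
    v4 = ipaddress.collapse_addresses(n for n in nets if n.version == 4)
    v6 = ipaddress.collapse_addresses(n for n in nets if n.version == 6)
    return [str(n) for n in list(v4) + list(v6)], conflicts


if __name__ == "__main__":
    blocked, conflicts = build_alias(SAMPLE_ENTRIES)
    print("alias networks:", *blocked, sep="\n  ")
    print("rejected (overlap protected):", conflicts)
```

A dash range rarely maps to one network: the 31-address range above expands to five CIDR blocks, which is why the size of what actually gets blocked is worth reviewing before a rule uses the alias.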