Migrating BSD packet filter to pfsense

  • I'm migrating from openBSD packet filter to pfsense.
    Trying to convert a pf.config file to the web menu pfsense format.

    pf.config had:

    table <abusive_hosts> file "/etc/pf.abusive"
    block in quick from { <abusive_countries>, <abusive_hosts>}

    How do I port this to pfsense?
    How does pfsense read the 92k line abusive hosts file?

    I also have tables with IP ranges that include exceptions. e.g.
    table <invalid_ip4> { X.X.X.0/24 !X.X.X.12/2 !X.X.X.99 }

    How do I specify that sort of alias in pfsense?

    Thanks for any and all help.

  • Rebel Alliance

  • thanks!

    so, instead of a file name an rely on the OS to read the file,
    use a url that points to the abusive hosts text file.

    well, I suppose a piece of network equipment would want to use the network to access stuff. :)
    that'll work. I can deal...

    got any suggestions for the 2nd part? how to express exceptions to blocks of host ip addresses?

Log in to reply