Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Migrating BSD packet filter to pfsense

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 254 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rae
      last edited by

      I'm migrating from openBSD packet filter to pfsense.
      Trying to convert a pf.config file to the web menu pfsense format.

      pf.config had:

      table <abusive_hosts> file "/etc/pf.abusive"
      block in quick from { <abusive_countries>, <abusive_hosts>}

      How do I port this to pfsense?
      How does pfsense read the 92k line abusive hosts file?

      I also have tables with IP ranges that include exceptions. e.g.
      table <invalid_ip4> { X.X.X.0/24 !X.X.X.12/2 !X.X.X.99 }

      How do I specify that sort of alias in pfsense?

      Thanks for any and all help.

      1 Reply Last reply Reply Quote 0
      • pttP
        ptt Rebel Alliance
        last edited by

        Check / Take a look at:

        https://docs.netgate.com/pfsense/en/latest/firewall/aliases.html

        1 Reply Last reply Reply Quote 1
        • R
          rae
          last edited by

          thanks!

          so, instead of a file name an rely on the OS to read the file,
          use a url that points to the abusive hosts text file.

          well, I suppose a piece of network equipment would want to use the network to access stuff. :)
          that'll work. I can deal...

          got any suggestions for the 2nd part? how to express exceptions to blocks of host ip addresses?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.