How to schedule PfBlockerNG?
-
Hi,
I use PfBlockerNG now to block some websites very well. But I want to schedule it. For example I want to disable one of the DNSBL list between 12:00-13:00.
Is it possible?Regards,
Mucip:) -
@mucip You will need to setup Time Based Rules in conjunction with pfBlockerNG's "Alias Match" or custom lists.
-
Andy
1 x Netgate SG-4860 21.05 - 3 x Linksys LGS308P - 1 x Ubiquity UniFi Cloud Key - 1 x Ubiquity UniFi AP-AC-Pro
-
Dear @nogbadthebad ,
Is there any way to do it?
For instance: If I can create on copy of config file which contains disable/unbound of desired DNSBL group than I can restart the ubound and dnsbl server from code and Add this code in the cron?
This method works good but I could not find the config file to describe diseble/unbound of desired dnsbl group?I want to simulate select the "disable" group and restart the servers from GUI with the code in the cron.
Where can I find the config file of (disable or unbound choice?) DNSBL group?
Regards,
Mucip:) -
Dear @bartkowski ,
Can you describe little bit more please? because I could not see anything about schedule in PfBlockNG GUI.Regards,
Mucip:) -
PfBlockerNG can't help you out here.
It's a tool that blocks list with IP's and/or hostnames from which you do not want to 'request' anything. Now now, and not tomorrow.It's has no ambition to act like a "parental control" tool, like "Twitter in the afternoon, but not during the evening and night".
No "help me" PM's please. Use the forum.
-
@gertjan ,
If we can change the config file and restart the server via cron script, why not?. :)
I think I must go deeper in the PfBlockerNG mechanism.Regards,
Mucip:) -
@mucip What exactly are you blocking via DNSBL ?
Andy
1 x Netgate SG-4860 21.05 - 3 x Linksys LGS308P - 1 x Ubiquity UniFi Cloud Key - 1 x Ubiquity UniFi AP-AC-Pro
-
Hi @nogbadthebad ,
Some social sites.Regards,
Mucip:) -
@mucip Can you block them via pfBlockerNG -> IP -> IPv4 and create an alias using the ASN number.
You could if its Facebook.
You then could have a time based firewall rule.
Andy
1 x Netgate SG-4860 21.05 - 3 x Linksys LGS308P - 1 x Ubiquity UniFi Cloud Key - 1 x Ubiquity UniFi AP-AC-Pro
-
Dear @nogbadthebad ,
Could you explain little bit more please?
Because in my PfBlocker GUI there is only "pfBlockerNG -> IPv4 " menu. And I could not understand what is ASN?...P.S. By the way I do this limitations with SquidFilter before but I could not find this package in the PfSense anymore?
Regards,
Mucip:) -
https://en.wikipedia.org/wiki/Autonomous_system_(Internet)
You could then use pfB_FACEBOOK_v4 in a firewall rule and set a schedule, you'd need to remove Facebook from your DNSBL config.
Andy
1 x Netgate SG-4860 21.05 - 3 x Linksys LGS308P - 1 x Ubiquity UniFi Cloud Key - 1 x Ubiquity UniFi AP-AC-Pro
-
Hi @nogbadthebad ,
What is your version of the PfBlockerNG?
Looks different than mine.Regards,
Mucip:) -
@mucip pfBlockerNG-devel
Andy
1 x Netgate SG-4860 21.05 - 3 x Linksys LGS308P - 1 x Ubiquity UniFi Cloud Key - 1 x Ubiquity UniFi AP-AC-Pro
-
You'd then need to create two rules, one that passes traffic to the alias with the time schedule and one that denies without a schedule.
I only use a schedule to throttle traffic out my GUEST interface monday - friday 9AM to 5PM to the internet.
Andy
1 x Netgate SG-4860 21.05 - 3 x Linksys LGS308P - 1 x Ubiquity UniFi Cloud Key - 1 x Ubiquity UniFi AP-AC-Pro
-
Hi @nogbadthebad ,
Thanks a lot.
Well I need to upgrade to DEVEL than.
By the way where can I find the complete ASN list. How do you know that Facebook ASN is 92934 e.g.?Regards,
Mucip:) -
@mucip You can type in Facebook in the IPv4 Source Definitions part.
Andy
1 x Netgate SG-4860 21.05 - 3 x Linksys LGS308P - 1 x Ubiquity UniFi Cloud Key - 1 x Ubiquity UniFi AP-AC-Pro
-
Dear @nogbadthebad ,
Asolutelly I have to upgrade to DEVEL than. :)Regards,
Mucip:)
