How to schedule PfBlockerNG?

mucip

Hi,
I use PfBlockerNG now to block some websites very well. But I want to schedule it. For example I want to disable one of the DNSBL list between 12:00-13:00.
Is it possible?

Regards,
Mucip:)

bartkowski

@mucip You will need to setup Time Based Rules in conjunction with pfBlockerNG's "Alias Match" or custom lists.

NogBadTheBad

@bartkowski You can't create an alias in the DNSBL section to use it in a time based rule.

mucip

Dear @nogbadthebad ,
Is there any way to do it?
For instance: If I can create on copy of config file which contains disable/unbound of desired DNSBL group than I can restart the ubound and dnsbl server from code and Add this code in the cron?
This method works good but I could not find the config file to describe diseble/unbound of desired dnsbl group?

I want to simulate select the "disable" group and restart the servers from GUI with the code in the cron.

Where can I find the config file of (disable or unbound choice?) DNSBL group?

Regards,
Mucip:)

mucip

Dear @bartkowski ,
Can you describe little bit more please? because I could not see anything about schedule in PfBlockNG GUI.

Regards,
Mucip:)

Gertjan

PfBlockerNG can't help you out here.
It's a tool that blocks list with IP's and/or hostnames from which you do not want to 'request' anything. Now now, and not tomorrow.

It's has no ambition to act like a "parental control" tool, like "Twitter in the afternoon, but not during the evening and night".

mucip

@gertjan ,
If we can change the config file and restart the server via cron script, why not?. :)
I think I must go deeper in the PfBlockerNG mechanism.

Regards,
Mucip:)

NogBadTheBad

@mucip What exactly are you blocking via DNSBL ?

mucip

Hi @nogbadthebad ,
Some social sites.

Regards,
Mucip:)

NogBadTheBad

@mucip Can you block them via pfBlockerNG -> IP -> IPv4 and create an alias using the ASN number.

You could if its Facebook.

You then could have a time based firewall rule.

mucip

Dear @nogbadthebad ,
Could you explain little bit more please?
Because in my PfBlocker GUI there is only "pfBlockerNG -> IPv4 " menu. And I could not understand what is ASN?...

P.S. By the way I do this limitations with SquidFilter before but I could not find this package in the PfSense anymore?

Regards,
Mucip:)

NogBadTheBad

@mucip

https://en.wikipedia.org/wiki/Autonomous_system_(Internet)

You could then use pfB_FACEBOOK_v4 in a firewall rule and set a schedule, you'd need to remove Facebook from your DNSBL config.

mucip

Hi @nogbadthebad ,
What is your version of the PfBlockerNG?
Looks different than mine.

Regards,
Mucip:)

NogBadTheBad

@mucip pfBlockerNG-devel

NogBadTheBad

You'd then need to create two rules, one that passes traffic to the alias with the time schedule and one that denies without a schedule.

I only use a schedule to throttle traffic out my GUEST interface monday - friday 9AM to 5PM to the internet.

mucip

Hi @nogbadthebad ,
Thanks a lot.
Well I need to upgrade to DEVEL than.
By the way where can I find the complete ASN list. How do you know that Facebook ASN is 92934 e.g.?

Regards,
Mucip:)

NogBadTheBad

@mucip You can type in Facebook in the IPv4 Source Definitions part.

mucip

Dear @nogbadthebad ,
Asolutelly I have to upgrade to DEVEL than. :)

Regards,
Mucip:)