pfBlockerNG whitelisting help
I am working with pfblocker in two different scenarios with a similar need in both.
1. I have the feeds I need enabled, but a few good sites that I use are caught in the crossfire. I need to be able to whitelist by TLD in a way that whitelists it regardless of whether the block is occurring from an IP or DNS feed.
2. I am attempting to set up a locked-down environment for a small business where only whitelisted items can be accessed (blocked by default). I'm thinking of just using a custom TLD rule to lock down all the root domains, and then whitelisting just the TLDs that I need to work.
Both of these needs involve needing a whitelist that is just that. No matter how it is blocked, all hosts in the whitelisted domain need to work.
More info related but not necessary: I am a longtime pfSense user and in the past have handled scenario #2 by intercepting all DNS traffic, having all DNS resolution return localhost and then adding a line for each domain. This was dirty and required going to the custom options section for everything, and it also only works for DNS. REALLY REALLY hoping that pfBlockerNG is the cure to finally do it all from one place. Example is below...

local-zone: "." static
local-zone: "3pf.com" transparent
local-zone: "401k.com" transparent
local-zone: "53.com" transparent
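
The default-deny DNS approach described in the post, as an added example that is not part of the original post: it generates the `local-zone` lines from an allowlist and models which names would still resolve. The function names are hypothetical, and the matching assumes Unbound applies the closest enclosing local-zone to each query.

```python
# Added example (constructed): not from the original post or from pfBlockerNG.
import re

LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def normalize(domain):
    """Lower-case, strip the trailing dot, reject anything that is not a plain hostname."""
    d = domain.strip().lower().rstrip(".")
    if not d or len(d) > 253 or not all(LABEL.match(l) for l in d.split(".")):
        raise ValueError(f"not a valid domain name: {domain!r}")
    return d

def build_zones(allowed):
    """Root is 'static' (answered locally, so unlisted names fail);
    each allowed domain is 'transparent' (resolved normally)."""
    zones = {".": "static"}
    for d in allowed:
        zones[normalize(d)] = "transparent"
    return zones

def render(zones):
    """Emit the lines for Unbound's custom options, root zone first."""
    order = sorted(zones, key=lambda z: (z != ".", z))
    return "\n".join(f'local-zone: "{z}" {zones[z]}' for z in order)

def zone_for(name, zones):
    """Assumed model: closest enclosing zone wins (longest suffix on label boundaries)."""
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return "."

def resolves(name, zones):
    """True if the query falls in a transparent (allowlisted) zone."""
    return zones[zone_for(name, zones)] == "transparent"

ALLOWED = ["3pf.com", "401k.com", "53.com"]  # domains from the post
ZONES = build_zones(ALLOWED)

if __name__ == "__main__":
    print(render(ZONES))
    for q in ["www.53.com", "not53.com", "example.org"]:  # constructed queries
        print(q, "->", "resolves" if resolves(q, ZONES) else "blocked")
```

Matching is done on whole labels, so `not53.com` is not covered by the `53.com` entry while every host under `53.com` is.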