Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Aliase from local file

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 2 Posters 649 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      markster
      last edited by

      I have not found the answer yet, so I wonder if anyone has a solution.
      I have a local file eg: /usr/local/myfile/test.txt containing list of networks eg:
      91.245.224.0/24
      91.245.225.0/24
      91.245.226.0/24
      94.158.240.0/22
      104.121.64.0/23
      ..

      I want to create an Alias (URL) from the file. I though it would/should be supported. I specify url as file:///usr/local/myfile/test.txt but get an error.

      Is that a bug or I am doing it wrong?

      M 1 Reply Last reply Reply Quote 0
      • M
        markster @markster
        last edited by

        @markster

        If anyone is looking for a solution, the file must be located in /usr/local/www directory. You can create symbolic link to prevent future updates that can potentially remove your files.

        I did the following.

        I created directory /usr/home and here I stored my file, lets call it badips.txt. Then I created a symbolic link, ln -s /usr/home /usr/local/www/home.

        Now I can import the file using GUI Aliases as URL Table (IP) with the following URL -> https://127.0.0.1/home/badips.txt

        1 Reply Last reply Reply Quote 2
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Yes, if you look at pfBlocker, which uses URL aliases, it does pretty much the same thing.

          You might consider using pfBlocker dircetly instead if you're able to.

          Steve

          M 1 Reply Last reply Reply Quote 0
          • M
            markster @stephenw10
            last edited by

            @stephenw10

            I have no reason to use pfBlocker since most of the functionality is provided by pfsense by itself. Things like blocking IP's by say country or ASN you can do this without any 3rd party code.

            I compile and run my own Unbound DNS in Docker on my Synology. Blocking and managing CN entries is handled by Unbound. I am on version 1.17 versus pfsense is I think on 1.13.
            I have my own little shell script to download the files I need and convert them to RPZ format. I dont use any additional configuration files. Unbound config has been like this for years and I have never had any issues. Blocking ads/malware etc is very easy task with Unbound. Pfsense ads additional IP blocking I needed.

            Separation of concerns is a good IT architecture and makes my solution more agile.

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Sounds like you have it well in hand. 😉

              The only reason I would tend to use pfBlocker is that by doing so all of the config is included in the main pfSense config file making restoring a lot easier should you have to. But if your external script is uploading that to the correct location anyway that shouldn't be an issue.

              Steve

              1 Reply Last reply Reply Quote 0
              • M
                markster
                last edited by

                My IP block files are pfsense Aliases so backup is not an issue since these will be done with pfsense backup.

                Unbound in Docker is a blessing I tell you. Backup is done with Synology using 123 backup strategy.

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.