• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Aliase from local file

Scheduled Pinned Locked Moved General pfSense Questions
6 Posts 2 Posters 734 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    markster
    last edited by Nov 27, 2022, 1:37 AM

    I have not found the answer yet, so I wonder if anyone has a solution.
    I have a local file eg: /usr/local/myfile/test.txt containing list of networks eg:
    91.245.224.0/24
    91.245.225.0/24
    91.245.226.0/24
    94.158.240.0/22
    104.121.64.0/23
    ..

    I want to create an Alias (URL) from the file. I though it would/should be supported. I specify url as file:///usr/local/myfile/test.txt but get an error.

    Is that a bug or I am doing it wrong?

    M 1 Reply Last reply Nov 28, 2022, 6:36 AM Reply Quote 0
    • M
      markster @markster
      last edited by Nov 28, 2022, 6:36 AM

      @markster

      If anyone is looking for a solution, the file must be located in /usr/local/www directory. You can create symbolic link to prevent future updates that can potentially remove your files.

      I did the following.

      I created directory /usr/home and here I stored my file, lets call it badips.txt. Then I created a symbolic link, ln -s /usr/home /usr/local/www/home.

      Now I can import the file using GUI Aliases as URL Table (IP) with the following URL -> https://127.0.0.1/home/badips.txt

      1 Reply Last reply Reply Quote 2
      • S
        stephenw10 Netgate Administrator
        last edited by Nov 28, 2022, 2:00 PM

        Yes, if you look at pfBlocker, which uses URL aliases, it does pretty much the same thing.

        You might consider using pfBlocker dircetly instead if you're able to.

        Steve

        M 1 Reply Last reply Nov 28, 2022, 3:51 PM Reply Quote 0
        • M
          markster @stephenw10
          last edited by Nov 28, 2022, 3:51 PM

          @stephenw10

          I have no reason to use pfBlocker since most of the functionality is provided by pfsense by itself. Things like blocking IP's by say country or ASN you can do this without any 3rd party code.

          I compile and run my own Unbound DNS in Docker on my Synology. Blocking and managing CN entries is handled by Unbound. I am on version 1.17 versus pfsense is I think on 1.13.
          I have my own little shell script to download the files I need and convert them to RPZ format. I dont use any additional configuration files. Unbound config has been like this for years and I have never had any issues. Blocking ads/malware etc is very easy task with Unbound. Pfsense ads additional IP blocking I needed.

          Separation of concerns is a good IT architecture and makes my solution more agile.

          1 Reply Last reply Reply Quote 0
          • S
            stephenw10 Netgate Administrator
            last edited by Nov 28, 2022, 4:05 PM

            Sounds like you have it well in hand. 😉

            The only reason I would tend to use pfBlocker is that by doing so all of the config is included in the main pfSense config file making restoring a lot easier should you have to. But if your external script is uploading that to the correct location anyway that shouldn't be an issue.

            Steve

            1 Reply Last reply Reply Quote 0
            • M
              markster
              last edited by Nov 28, 2022, 4:16 PM

              My IP block files are pfsense Aliases so backup is not an issue since these will be done with pfsense backup.

              Unbound in Docker is a blessing I tell you. Backup is done with Synology using 123 backup strategy.

              1 Reply Last reply Reply Quote 1
              5 out of 6
              • First post
                5/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received