PfBlocker
-
Could we make a pfblocker community so we easily can share files and lists?
Maybe from within the package itself?
-
I'm emailing to I-Blocklist maintainer to ask him if he could implement a deduplication feature in the customized lists section. For now, I'll be happy if the pfBlocker package could handle a memory increase by itself. I don't want to mess with file editing in an appliance.
-
Not a bad idea.
I'm emailing to I-Blocklist maintainer to ask him if he could implement a deduplication feature in the customized lists section. For now, I'll be happy if the pfBlocker package could handle a memory increase by itself. I don't want to mess with file editing in an appliance.
-
Just wait for a pfBlocker update… ::)
-
-
It is being very actively forked, we will just have to wait for an announcement from the author doing the update… Or, you could read this thread more carefully. ;D Did you read the thread I posted to you Panz? :-*
Is MArcello still developing this?
Just wait for a pfBlocker update… ::)
-
Thanks! We need forks :)
-
<shaking head="">:-\ and thinking out loud… In the 30yrs I've done this every good Forum has a Troll.
Thanks! We need forks :)</shaking>
-
And youre doing it better than ANY out there ;)
<shaking head="">:-\ and thinking out loud… In the 30yrs I've done this every good Forum has a Troll.
Thanks! We need forks :)</shaking>
-
Wasnt me…dont use that at all
-
-
I really like the idea of blocking entire countries that my network has no business connecting to and put together a script to update pfBlockers country CIDR lists with the lists available from IPdeny.com
Edit - The script didn't work as intended and has been taken down
The download is at the bottom of http://legoclan.com/pfsense/ all feedback is welcome
-
Hi!
How can i fix this on PF 2.2 BETA?
Crash report begins. Anonymous machine information:
amd64
10.1-PRERELEASE
FreeBSD 10.1-PRERELEASE #28 30e366f(HEAD)-dirty: Fri Sep 19 23:30:48 CDT 2014 root@pf22-amd64-snap:/usr/obj.amd64/usr/pfSensesrc/src/sys/pfSense_SMP.10Crash report details:
PHP Errors:
in /usr/local/pkg/pfblocker.inc on line 256 -
I really like the idea of blocking entire countries that my network has no business connecting to and put together a script to update pfBlockers country CIDR lists with the lists available from IPdeny.com
The download is at the bottom of http://legoclan.com/pfsense/ all feedback is welcome
Hi f34rinc,
This will update the ISO files for pfBlocker but it doesn't update the XML Continent Files (ie - Africa) with the changes made to the Country Names. So there could be some inconsistencies.
There are files named
Africa_cidr.txt that have this type of header:
Continent: Africa
Country: Reunion
ISO Code: RE
Total Networks: 245
These files are used by this command to rebuild the XML files based upon the 6 Continent Files.
/usr/local/bin/php /usr/local/www/pfblocker.php uc
-
Hi!
How can i fix this on PF 2.2 BETA?
Crash report begins. Anonymous machine information:
amd64
10.1-PRERELEASE
FreeBSD 10.1-PRERELEASE #28 30e366f(HEAD)-dirty: Fri Sep 19 23:30:48 CDT 2014 root@pf22-amd64-snap:/usr/obj.amd64/usr/pfSensesrc/src/sys/pfSense_SMP.10Crash report details:
PHP Errors:
in /usr/local/pkg/pfblocker.inc on line 256This error doesn't seem to be related to Country Blocking. Maybe its one of your Lists that is failing? Which lists are you using?
-
Thank you BBcan177 I don't believe I have the skill set to accomplish this
Edit - I took the country list of top spammers from http://www.projecthoneypot.org/spam_server_top_countries.php and made a script to make my own replacement for the pfBlocker top spammers list. Please use the link from my previous post above.
-
Hi there,
Total newbie to Pfsense here. I have installed Pfblocker but and added a few countries to block. It is enabled, logging enabled and "deny inbound" is selected for the countries I chose. When I look at the status i see that the status is a red arrow (down). Am I missing something?
Thanks -
PfBlocker will not add an Inbound Rule if there are no other rules on the WAN. So you just need to create a dummy rule and it will populate the Auto Rules.
-
PfBlocker will not add an Inbound Rule if there are no other rules on the WAN. So you just need to create a dummy rule and it will populate the Auto Rules.
Being a eager to learn newbie, how and where would I create a dummy rule. Sorry if this has been asked before.
Update: Got it working. Dummy rule created on the wan did the trick. I disabled the rule after pfblocker started working and all is still good.
Cheers!
-
You need to goto the Firewall rules Tab and create a dummy Block Rule on the Wan interface. If you hover over the pfBlocker Inbound rule that was created. You can use one of those IPs to copy/paste into the dummy rule.
If you edit the inbound rule. It will give you an idea on how to configure the new WAN Block Rule.