How to Block UltraSurf
- Install pfBlocker in pfSense 2.0
- Enter the following address in your browser: https://www.countryipblocks.net/
- From the main menu page select ACL's
- Select the country "Taiwan, Province of China" and generate a list in CIDR format, then copy the list to the clipboard
- Go to the pfBlocker module from Firewall -> pfBlocker
- Select the tab "List" and create a new list with whatever name you want; in "Action List" select "Deny Both"
- Then paste the CIDR list in "CIDR" textbox
- Click on the tab "General"; to enable this module, just click "Enable"
- For "Inbound Interface", select "WAN" (the default), or another interface depending on how you receive your ISP signal.
- For "Deny Inbound Action", select "Block"
- For "Outbound Interfaces", select the "LAN" interfaces or VLANs you have defined
- "Outbound deny action" select "Reject"
- Save the changes
- Create or change the rule so that DNS queries go to the IP of your internal DNS server (LAN Subnet allow "TCP/UDP" to Destination: YOUIPDNS, Protocol: DNS). It is also necessary to enable Services -> DNS Forwarder.
Verify that the rules were generated under "Firewall" -> "Rules" on the WAN, LAN or VLAN interfaces that you previously set up in your pfSense box. Unfortunately, most of the IPs that UltraSurf requires to operate are housed in the province (Taiwan), so the simplest approach is to block all of the segments. I understand that this isn't very elegant, but at least it works; tested on pfSense 2.0.1-RELEASE (amd64). I hope this post is useful for your purposes.
And sorry about my English.
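
A sanity check for the downloaded CIDR list before it is pasted into the pfBlocker "CIDR" textbox, as an added example that is not part of the original post: it drops malformed lines, sets aside any entry that overlaps your own private ranges or internal DNS server (which a "Deny Both" list should never contain), and collapses the rest. The function names and the sample list (documentation ranges, not real country data) are constructed for illustration.

```python
import ipaddress

# Constructed sample of a pasted CIDR export (documentation ranges only).
SAMPLE_LIST = """\
# constructed sample list
198.51.100.0/25
198.51.100.128/25
203.0.113.0/24
203.0.113.64/26
192.168.1.0/24
not-a-network
"""

# Ranges that must never end up in a deny list on a LAN-facing firewall.
RFC1918 = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")

def load_cidrs(text):
    """Parse one CIDR per line; return (networks, rejected_lines)."""
    nets, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # allow comments and blank lines
        if not line:
            continue
        try:
            nets.append(ipaddress.ip_network(line, strict=True))
        except ValueError:
            rejected.append(raw.strip())
    return nets, rejected

def prepare(text, protected=RFC1918):
    """Return (collapsed deny list, entries set aside as risky, malformed lines)."""
    nets, rejected = load_cidrs(text)
    guard = [ipaddress.ip_network(p) for p in protected]
    risky = [n for n in nets if any(n.overlaps(g) for g in guard)]
    safe = [n for n in nets if n not in risky]
    # collapse_addresses() needs a single IP version per call
    collapsed = [c for v in (4, 6) for c in
                 ipaddress.collapse_addresses([n for n in safe if n.version == v])]
    return collapsed, risky, rejected

def is_blocked(addr, collapsed):
    """True if addr falls inside the prepared deny list."""
    ip = ipaddress.ip_address(addr)
    return any(ip in n for n in collapsed)

if __name__ == "__main__":
    deny, risky, bad = prepare(SAMPLE_LIST)
    print("\n".join(str(n) for n in deny))  # paste this into the CIDR textbox
    print("set aside:", risky, "malformed:", bad)
```

Pass your internal DNS server (for example as a /32) in `protected` so the list can never cover the address the DNS rule points to.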