How to Block UltraSurf

  • Blocking UltraSurf:

    1. Install pfBlocker in pfSense 2.0
    2. Enter the following address in your browser:
    3. From the main menu page select ACL's
    4. Select the country "Taiwan, Province of China" and generate a list in CIDR format, then copy the information to the clipboard
    5. Go to pfBlocker module from Firewall -> PfBlocker
    6. Select the tab "List" and generate a new list with whatever name you want; in "Action List" select "Deny Both"
    7. Then paste the CIDR list in "CIDR" textbox
    8. Click on the tab "General", to enable this module just click "Enable"
    9. For "Inbound Interface" select "WAN" by default, or depending on how you receive your ISP signal.
    10. For "Deny Inbound Action" select "Block"
    11. For "Outbound Interfaces" select the "LAN" interfaces or VLANs you have defined
    12. "Outbound deny action" select "Reject"
    13. Save the changes
    14. Create or change the rule so that DNS queries go to the IP of your internal DNS server (LAN Subnet allow "TCP/UDP" to Destination: YOUIPDNS, Protocol: DNS). It's necessary to enable Services -> DNS Forwarder.

    Verify that the rules were generated in "Firewall" -> "Rules" on the WAN, LAN or VLAN interfaces that you previously set in your pfSense box. Unfortunately, UltraSurf requires most of the IPs that are hosted in the province (Taiwan) in order to operate, so the simplest approach is to block all the segments. I understand that this isn't very elegant but at, tested on pfSense 2.0.1-RELEASE (amd64). I hope this post is useful for your purposes.

    And sorry about my English.

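A pre-paste check for the CIDR list from steps 4 and 7, as an added example that is not part of the original post: because the list is applied as "Deny Both" with LAN/VLAN outbound interfaces, one malformed, overly broad or private entry can cut off your own network. The sample input, the `clean_cidr_list` name and the `/8` breadth limit are assumptions made for this illustration.

```python
import ipaddress

# Constructed sample of a pasted list; documentation ranges, not real allocations.
SAMPLE = """\
# constructed sample
198.51.100.0/25
198.51.100.128/25
203.0.113.0/24
203.0.113.0/24
192.168.1.0/24
203.0.113.7/24
not-a-cidr
0.0.0.0/0
"""

# Ranges that must never end up in a deny list applied to LAN/VLAN interfaces.
LOCAL = [ipaddress.IPv4Network(n) for n in
         ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def clean_cidr_list(text, min_prefix=8):
    """Return (networks, rejected) for a pasted IPv4 CIDR list."""
    keep, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        try:
            net = ipaddress.IPv4Network(line, strict=True)
        except ValueError as exc:             # bad syntax or host bits set
            rejected.append((line, "invalid: %s" % exc))
            continue
        if net.prefixlen < min_prefix:        # assumed sanity limit, e.g. 0.0.0.0/0
            rejected.append((line, "broader than /%d" % min_prefix))
        elif any(net.overlaps(local) for local in LOCAL):
            rejected.append((line, "overlaps private/loopback space"))
        else:
            keep.append(net)
    # Merge duplicates and adjacent blocks so the pasted list stays short.
    return list(ipaddress.collapse_addresses(keep)), rejected


if __name__ == "__main__":
    nets, rejected = clean_cidr_list(SAMPLE)
    for line, reason in rejected:
        print("REVIEW %-18s %s" % (line, reason))
    print("\n".join(str(n) for n in nets))
```

Paste only the collapsed networks into the "CIDR" textbox and review every rejected line by hand before saving.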