Adblocker in between pfsense & cablemodem ?



  • home net setup:
      home_net->pfsense(re1-192.168.1.1)->pfsense(re0-WAN)->cableModem->ISP

    i purchased an AdTrap unit. it has one eth0 and one wan0.

    i'm trying to figure out where best to place it, and i assume between my pfsense FW and the Cablemodem? or into another nic on the pfsense fw?
    and too, the IP addressing values i'm not sure about either.

    1. will AdTrap on the WAN side gets ip from the ISP as the Cablemodem does?

    2. pfsense wan0 already gets an IP from my ISP so im' wondering what IP i give the AdTrap eth0 nic that connects to pfsense?

    or do i need to give a new local sub-net IP static value to the pfsense wan0 and give the AddTrap eth0 nic an IP from that subnet?

    yep, need a little enlightenment to help me wrap me head about this. tia


  • Netgate Administrator

    Hmm, interesting. I think you could configure pfSense to work with the adtrap unit however it works. More information needed on how the adtrap unit functions.
    I see from breifly reading the adtrap site that it has a proxy mode where it can function with a single connection. You could probably configure pfSense to catch and redirect web traffic to it.

    The adtrap site seems a little light on technical details.  :-\

    Steve



  • @stephenw10:

    Hmm, interesting. I think you could configure pfSense to work with the adtrap unit however it works. More information needed on how the adtrap unit functions.
    I see from breifly reading the adtrap site that it has a proxy mode where it can function with a single connection. You could probably configure pfSense to catch and redirect web traffic to it.

    The adtrap site seems a little light on technical details.  :-\

    Steve

    a little light to me also. i'm sure by design.

    it is setup, at least from its auto-detect function when first logging in to its web interface as either "inline: between ones wall jack or cable modem and from AdTrap to router or computer" or other setup option is, "like a all in-one modem/router"

    each of its two interfaces (LAN & WAN) has capability for DHCP or static config. and it has its own DHCP server, logging, FW rules, etc. typiccal type stuff.

    i'm just not sure what to config my pfsense wan0 to.

    i.e., have the AdTrap DHCP server serve an ip to the pfsense wan0 such that pfsense wan0 and AdTrap eth1 are on the same subnet.  that way pfsense should still be able NAT to my local net as it is doing now, even if the pfsense wan0 has a RFC 1918 address though diff from my local net.

    if my cable modem is getting an ip from ISP with its unique MAC i can't wrap my head around what the AdTrap WAN should be manually set to.

    or if i should just put it on like LAN3 of pfsense and route through there and back through to local net, ya know?

    long post, but trying in my limited vocabulary to explain and ask.

    thanks for your reply


  • Netgate Administrator

    I guessing here really but I'd try and put it on a separate interface and route http traffic to it. That gives you the most control from the pfSense box.
    It's an interesting product, there's actually loads of good info on their forum including hardware mods etc which is always a good sign. The box appears to be a linux box running Squid and some filtering, I couldn't easily find what its rated throughput is. Theoretically you should be able to what the adtrap does in pfSense but this does make it very easy.

    Maybe get some advice on the adtrap forum.

    Steve


  • Netgate Administrator

    I'm guessing this is you then? http://forums.getadtrap.com/forums/viewtopic.php?f=8&t=2234
    If not then here's your answer. Glad to see the developer agrees with my suggestion. ;)

    Steve



  • @stephenw10:

    I guessing here really but I'd try and put it on a separate interface and route http traffic to it. That gives you the most control from the pfSense box.
    It's an interesting product, there's actually loads of good info on their forum including hardware mods etc which is always a good sign. The box appears to be a linux box running Squid and some filtering, I couldn't easily find what its rated throughput is. Theoretically you should be able to what the adtrap does in pfSense but this does make it very easy.

    Maybe get some advice on the adtrap forum.

    Steve

    a good idea. either this or put in between modem and pfsense.

    i take it, if i put it on a separate interface, i'd put AdTrap in proxy mode? though i'm not a 100% sure

    thanks



  • @stephenw10:

    I'm guessing this is you then? http://forums.getadtrap.com/forums/viewtopic.php?f=8&t=2234
    If not then here's your answer. Glad to see the developer agrees with my suggestion. ;)

    Steve

    ..or he read your post prior. ;-)

    i read that post just prior to replying to your previous post. seems two options both i can now see how to setup.  i'll need to think/research a bit more on the "add interface & route http and back". though that does make good use of the pfsense box.


  • Netgate Administrator

    Great. :)
    I see that they abandoned their original plan to use off the shelf hardware because it wasn't capable of more than 60Mbps. I can't find what their custom board can do though.  :-
    Keep us updated with your experiences of this interesting product.

    Steve