Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfBlocker whitelist?

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 2 Posters 5.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      digdug3
      last edited by

      Is it possible to add an ip or ip range to a whitelist in pfBlocker.
      This way if a ip or range was blocked you could disable the block.

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        Just create a Whitelist Alias and add the IPs you want to have protected from being blocked.

        Than, enter a "Pass" rule for the Whitelist Alias and put that rule above the pfBlocker "Block" Alias Rules.

        This way the Rule will allow the ip before its blocked by a rule below it.

        pfBlocker is just used to Download Blacklists and put them into Alias names.

        From there, all the work needs to be done in the Firewall:Rules section. So you could Block on the WAN and Reject on the LAN side.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • D
          digdug3
          last edited by

          @BBcan17:

          Just create a Whitelist Alias and add the IPs you want to have protected from being blocked.

          Than, enter a "Pass" rule for the Whitelist Alias and put that rule above the pfBlocker "Block" Alias Rules.

          This way the Rule will allow the ip before its blocked by a rule below it.

          pfBlocker is just used to Download Blacklists and put them into Alias names.

          From there, all the work needs to be done in the Firewall:Rules section. So you could Block on the WAN and Reject on the LAN side.

          This works, but then you also have to open all the ports you have configured to this whitelist.
          If the IP was not blocked at all it would behave "normally" to the next rules.

          1 Reply Last reply Reply Quote 0
          • BBcan177B
            BBcan177 Moderator
            last edited by

            @digdug3:

            This works, but then you also have to open all the ports you have configured to this whitelist.
            If the IP was not blocked at all it would behave "normally" to the next rules.

            Hi digdug3,

            The order of the rules in the Firewall tab are important.

            Block first and than Pass next.

            If you are having a specific issue, post the issue and maybe someone might be able to help.

            "Experience is something you don't get until just after you need it."

            Website: http://pfBlockerNG.com
            Twitter: @BBcan177  #pfBlockerNG
            Reddit: https://www.reddit.com/r/pfBlockerNG/new/

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.