PfBlocker recommended lists - overlap with Snort



  • Hi All,

    New to pfSense, trying to find my way around.

    In pfBlocker, I am currently using:
    Spamhaus DROP
    Spamhaus EDROP
    DShield Most Active Attackers
    Zeus IP Blocklist (BadIPs)

    I have seen lists that include Emerging Threats and iBlocklist but I'm not sure which of these I should use and whether there is an overlap here with Snort (I subscribe to the Snort VRT updates).

    My questions are:
    What do people recommend list wise?
    Are there any overlaps with Snort?
    Is there any way to check that updates to the lists are being downloaded every 12 hours?

    Thanks in advance!


  • Moderator

    Here is a link to a discussion I had in regards to blocklists.

    https://forum.pfsense.org/index.php?topic=73353.msg402927#msg402927

    Some of those lists are for mail servers and can be ignored. If you add more blacklists, you will need to increase the maximum table entry.

    Goto  Advanced:Firewall/NAT  and increase the "Firewall Maximum Table Entries".

    There is no functionality currently to see if the blacklists are downloading the lists at the specified frequency unfortunately.