PfBlockerNG
-
Yes, I was able to copy and paste the url in to my browser and it came up. I did the "All" as you suggested. I'll see if it updates.
What other lists are good to add? I've looked around and it can get confusing. I've seen lists from BlueTack and I-Blocklist. Are they redundant or any good?
The spammers and hackers can sure make things painful.
-
It looks like it updated okay! I'm excited, thank you very much!
Please let me know if there are other lists you consider good and/or use!
-
I posted some Lists here
https://forum.pfsense.org/index.php?topic=86212.msg486648#msg486648Here are a couple more:
http://www.infiltrated.net/blacklisted
http://www.infiltrated.net/webattackers.txtI tried the Blocklist.de (ssh) and it worked fine on my test? Its strange that you had this error?
as that would indicate that the URL was incorrect (localfile).[pfB_SSH_BlockList SSH_BlockList ] Local File Failure
-
Thank you so much for your help. I'm going to play with this some more tomorrow.
Have a great evening!
-
One more question, about Suppress lists:
I noticed that Bluetack Level 1 blocks Apple range of addresses: 17.0.0.0/8
With that list working on pfblockerNG, my iPad can't get software auto updates.
I think that, manual editing the Suppress Alias will not work, because the Help in the "Suppress" sections says:
"A Blocked IP in a CIDR other than /24 will need to be Suppressed by an 'Permit Outbound' Firewall Rule"
So, how do I pass those addresses?
-
I think that, manual editing the Suppress Alias will not work, because the Help in the "Suppress" sections says:
"A Blocked IP in a CIDR other than /24 will need to be Suppressed by an 'Permit Outbound' Firewall Rule"
So, how do I pass those addresses?
Just as it says :)
Create a new Alias called "Whitelist", in the custom Box at the bottom, enter any IPs that you want to allow Outbound. This will bypass the IP/Range that are in the Blocklists.
Try to limit the IPs range as much as possible.
Set the "Action" to "Permit Outbound"
Define a "Rule Order" in the General Tab that will put the "Whitelist" above the Block/Reject Rules.
(When you make future changes, you can click the "Update Custom List" at the bottom of the alias, and run a "Force Update" to get the new changes to be in effect.)
-
Hey BBScan177,
I looked at the lists you suggested below. I've looked at them before but ignored them. Can you answer 2 questions?
- On pfBlockerNG it says you can comment out stuff using a # sign. The lists below use a semi colon. Will they still work?
- Lots of people use Google and Yahoo for spamming. I checked the MX record IPs for Google and they weren't listed on either list. Do you know if they ever get put on? The reason I ask is that a lot of people use Gmail.
http://www.spamhaus.org/drop/edrop.txt
http://www.spamhaus.org/drop/drop.txtThis is great!
-
Hey BBScan177,
I looked at the lists you suggested below. I've looked at them before but ignored them. Can you answer 2 questions?
- On pfBlockerNG it says you can comment out stuff using a # sign. The lists below use a semi colon. Will they still work?
- Lots of people use Google and Yahoo for spamming. I checked the MX record IPs for Google and they weren't listed on either list. Do you know if they ever get put on? The reason I ask is that a lot of people use Gmail.
http://www.spamhaus.org/drop/edrop.txt
http://www.spamhaus.org/drop/drop.txtThis is great!
Lol.. ok for one… BBCan not BBScan ... (you owe me like +100 Karma for my identity crisis!)
The lists that I recommended are all well established lists. You shouldn't have too much trouble with them.
The parsing of the lists will skip any line that starts with a "#". The Spamhaus list parsing is not affected by that trailing ";".
In the Custom Box entry of the Alias, you can enter an IP and follow that with a "#" to allow you to enter a description. This makes it easier to remember months later, why you put an IP in the Custom Box in the first place.
The Spamhaus list will not affect Google/Yahoo. You can readup on the "Spamhaus" blocklists here… https://www.spamhaus.org/drop/
-
Okay BBCan177,
How do I issue karma points on this? I took speed reading when in high school. You can see how much good it did me! lol
Okay, I didn't comprehend what was written on phBlockerNG. Again, this must have to do with my speed reading!
-
Is the CRON suppose to run hourly? If so then why?
-
Is the CRON suppose to run hourly? If so then why?
https://forum.pfsense.org/index.php?topic=86212.msg492936#msg492936
-
pfBlockerNG can't even import the DROP and EDROP lists from Spamhaus. Is there any way to use the old pfBlocker on pfSense 2.2 (package does not seem to be available)?
-
-
pfBlockerNG can't even import the DROP and EDROP lists from Spamhaus. Is there any way to use the old pfBlocker on pfSense 2.2 (package does not seem to be available)?
I think you have mis-configured something in your setup! As there is no issue with those lists. What errors or symptoms do you see in the logs?
-
I think you have mis-configured something in your setup! As there is no issue with those lists.
+1, zero issues with Spamhaus (e)drop.
-
Lazy man's feature request: can you make the widget's aliases clickable? Like, show what's in the alias on hover (like when you hover in Firewall - Rules) and edit the alias when the row is double-clicked. :D
-
So I just tried to use TeamViewer and Pfblockerng is blocking it. Not sure what list but don’t want to disable the whole list just for TeamViewer, so I went in and added www.teamviewer.com into the alias list and it still isn’t working. I figured I added the wrong thing so I thought I would come here and ask if anyone knows how to add TeamViewer to the alias list and keep it from being blocked?
-
Generic hint: Only use such blocklists that fit your needs and that you are able to manage…
-
Why not push the pass of teamviewer to the top of the list so it doesnt hit the block list before the passlist?? ;)
-
Why not push the pass of teamviewer to the top of the list so it doesnt hit the block list before the passlist?? ;)
Where exactly do I go to do that? I still very new with pfsense so please bare with me…