Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Import a Local Hosts File into pfSense??

    Scheduled Pinned Locked Moved Firewalling
    5 Posts 4 Posters 12.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nak_attack
      last edited by

      So I’ve read a few posts and they don’t address this specific issue (at least my search didn’t yield those results).

      GOAL: To add my local hosts file (currently used only on my computer) to pfSense so ALL devices connected would be blocked from visiting these sites.

      Many articles discuss adding these entries into the DNS Forwarder, however I have thousands of urls/ip addresses - this process would take weeks!

      I do web development and for testing purposes, I’d like to point a certain url to my test server, (ex. 107.55.55.107 domain.com) and be able to test the design on my desktop, iPad, and mobile device. I can easily achieve this on my desktop by simply editing the hosts file on my local computer. However, I’d like to ‘import’ this file into pfSense so it would work for ALL devices connected to pfSense. Any ideas??

      I’m comfortable performing ssh tasks if needed.

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Firewall->Aliases, press the bottom right little "up" button to get to the bulk import page.
        There you can paste a list of IP address (or subnet, range…) followed by description. Should be pretty much what is in a hosts file.
        That makes an Alias for all those addresses. Then use the Alias in whatever block or pass rules you like.

        If you have too many IPs for that to accept, then you can put a file containing the addresses and use it in a URL Table type Alias.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • H
          Harvy66
          last edited by

          @phil.davis

          But the IP addresses can change at any given moment. My guess is both the DNS forwarder/resolver and the firewall should be aware.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            This has been gone over multiple times on multiple threads.

            Here is one found with search import hosts

            https://forum.pfsense.org/index.php?topic=86986.0

            So which are you using - are you clear the forwarder dnsmasq or the resolver, 2.2 defaults to using the resolver.  Both of which allow loading a file with your info in there.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • N
              nak_attack
              last edited by

              @phil.davis - thanks for your input, I’ll try this and update this thread.

              @johnpoz - thanks for the link. I’ll read through this post. I’m not really sure which to use as I’m unfamiliar with both the forwarder and resolver. Which one would you recommend I use and why?

              As a note: I’ve tried to add the items directly into /etc/var/hosts file but after I restart the dnsmasq the items are removed by the system.

              1 Reply Last reply Reply Quote 0
              • F FrankM referenced this topic on
              • F FrankM referenced this topic on
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.