Changes between Initial Version and Version 1 of noc2018/agenda/PfsensepfBlockerNG

Timestamp:

Dec 5, 2018, 6:23:25 PM (7 years ago)

Author:

admin

Comment:

--

noc2018/agenda/PfsensepfBlockerNG

@@ +1 @@
+= pfBlockerNG =
+
+pfBlocker-NG introduces an Enhanced Alias Table Feature to pfSense. This Allows, assigning many IP address URL lists to a single alias and then choose a rule action.
+Blocking countries and IP ranges, DNS lists is easy with pfBlocker.
+
+To Install go to Package Manager and search and install pfBlocker-NG. This will take some time to install
+
+Once Installed goto Firewall > pfBlockerNG for settings.
+
+On pfBlockerNG settings, General Page, tick '''Enable''' and Save.
+
+Next go to '''Update''' tab and click '''Run''', this will update default lists.
+
+To block IP blocks based on country go to '''GeoIP''' tab and select country/s and their '''List Action''' accordingly and Save.
+
+To block a custom IP block, goto IPv4 or IPv6 and click '''+Add'''
+- Give an Alias
+- Discription
+- URL to a IP subnets list or go to Custom List and enter manually.
+- List Action, whether to block or not, whether it is inbound or outbound, etc.
+- If it is a URL list, give a update frequency
+
+== Block traffic based on DNS ==
+
+Modern traffic filtering becomes uneasy due to encryption methods, therefore the easiest way in filtering them is to block the DNS. But there should be some requirements for that,
+
+- All devices in the network should resolve DNS from pfsense. You have to block accessing public DNS resolvers by your clients. eg: write a block rule on DNS ports for outgoing traffic from your LAN.
+- Need to maintain updated DNS list of unwanted domains.
+
+To accomplish the second point above we will associate some publicly available community maintained dns block lists based on content category.
+
+You can find some of these links from 
+- https://github.com/pi-hole/pi-hole/wiki/Customising-sources-for-ad-lists
+- https://github.com/StevenBlack/hosts
+
+
+