= pfBlockerNG =

pfBlocker-NG introduces an Enhanced Alias Table Feature to pfSense. This Allows, assigning many IP address URL lists to a single alias and then choose a rule action.
Blocking countries and IP ranges, DNS lists is easy with pfBlocker.

To Install go to Package Manager and search and install pfBlocker-NG. This will take some time to install

Once Installed goto Firewall > pfBlockerNG for settings.

On pfBlockerNG settings, General Page, tick '''Enable''' and Save.

Next go to '''Update''' tab and click '''Run''', this will update default lists.

To block IP blocks based on country go to '''GeoIP''' tab and select country/s and their '''List Action''' accordingly and Save.

To block a custom IP block, goto IPv4 or IPv6 and click '''+Add'''
- Give an Alias
- Discription
- URL to a IP subnets list or go to Custom List and enter manually.
- List Action, whether to block or not, whether it is inbound or outbound, etc.
- If it is a URL list, give a update frequency

== Block traffic based on DNS ==

Modern traffic filtering becomes uneasy due to encryption methods, therefore the easiest way in filtering them is to block the DNS. But there should be some requirements for that,

- All devices in the network should resolve DNS from pfsense. You have to block accessing public DNS resolvers by your clients. eg: write a block rule on DNS ports for outgoing traffic from your LAN.
- Need to maintain updated DNS list of unwanted domains.

To accomplish the second point above we will associate some publicly available community maintained dns block lists based on content category.

You can find some of these links from 
- https://github.com/pi-hole/pi-hole/wiki/Customising-sources-for-ad-lists
- https://github.com/StevenBlack/hosts