Differences

This shows you the differences between two versions of the page.

--- pfsense:pfblockerng:install_pfblockerng:setup_ip_blocking [2021/01/28 10:38] – peter
+++ pfsense:pfblockerng:install_pfblockerng:setup_ip_blocking [2021/01/28 14:42] (current) – peter
@@ Line 5: / Line 5: @@
 Navigate to **Firewall -> pfBlockerNG -> IP**.
-Within the **IP Configuration** section:
+In **IP Configuration**:
   * De-Duplication: **Checked**
@@ Line 24: / Line 24: @@
 Navigate to **Firewall -> pfBlockerNG -> IP**.
-Within the **MaxMind GeoIP configuration** section:
+In **MaxMind GeoIP configuration**:
   * MaxMind License Key: **Enter the MaxMind License Key**.  If you don't have a key, register for one on the [[https://www.maxmind.com/|Maxmind Site]].
@@ Line 36: / Line 36: @@
 ===== IP Interface/Rules Configuration =====
+Navigate to **Firewall -> pfBlockerNG -> IP**.
-Within the **IP Interface/Rules Configuration** section:
+In **IP Interface/Rules Configuration**:
   * Inbound Firewall Rules:  **WAN** and **Block**.
@@ Line 53: / Line 54: @@
 {{:pfsense:pfblockerng:pfsense_pfblockerng_ip_save.png?800|}}
+<WRAP info>
+**NOTE:**  Floating rules are used here, as they keep all the pfBlockerNG rules in one place.
+Otherwise each interface will have a copy of these rules and therefore harder to maintain.
+</WRAP>
+----
+===== Setup Custom IP Lists =====
+==== IPv4 ====
+Navigate to **Firewall -> pfBlockerNG -> IP -> IPv4**.
+  * Click the **Add** button.
+  * Give it a **Name** and **Description**.
+Add in as many **IP Source Definitions** as needed.
+<WRAP info>
+Set:
+  * Type:  **Auto**.
+  * State: **On**.
+See [[PFSense:pfBlockerNG:pfBlockerNG IP Lists - IPv4|pfBlockerNG IP Lists - IPv4]]
+</WRAP>
+{{:pfsense:pfblockerng:install_pfblockerng:pfsense_-_firewall_-_pfblockerng_-_ip_-_ipv4_-_ipv4.png?800|}}
+----
+In **Settings**:
+  * State: **ON**.
+  * Action: **Deny Both**.
+  * Update Frequency: **Once per day**.
+{{:pfsense:pfblockerng:install_pfblockerng:pfsense_-_firewall_-_pfblockerng_-_ip_-_ipv4_-_ipv4_-_settings.png?800|}}
+----
+==== IPv6 ====
+Navigate to **Firewall -> pfBlockerNG -> IP -> IPv6**.
+  * Click the **Add** button.
+  * Give it a **Name** and **Description**.
+Add in as many **IP Source Definitions** as needed.
+<WRAP info>
+Set:
+  * Type:  **Auto**.
+  * State: **On**.
+See [[PFSense:pfBlockerNG:pfBlockerNG IP Lists - IPv6|pfBlockerNG IP Lists - IPv6]]
+</WRAP>
+{{:pfsense:pfblockerng:install_pfblockerng:pfsense_-_firewall_-_pfblockerng_-_ip_-_ipv6_-_ipv6.png?800|}}
+----
+In **Settings**:
+  * State: **ON**.
+  * Action: **Deny Both**.
+  * Update Frequency: **Once per day**.
+----
+==== GeoIP ====
+Navigate to **Firewall -> pfBlockerNG -> IP -> GeoIP**.
+<WRAP info>
+**NOTE:**  GeoIP is not used.
+All Actions are **Disabled**.
+Reason is that many services, such as AWS, utilize services in other countries, so if a country is blocked this may result in impacting legitimate sites,
+</WRAP>
+{{:pfsense:pfblockerng:install_pfblockerng:pfsense_-_firewall_-_pfblockerng_-_ip_-_geoip.png?800|}}
+----
+==== Reputation ====
+{{:pfsense:pfblockerng:install_pfblockerng:pfsense_-_firewall_-_pfblockerng_-_ip_-_reputation.png?800|}}
 ----
-[[PFSense:pfBlockerNG:Install pfBlockerNG:Setup DNSBL Blocking|Setup DNSBL Blocking]]
+Return to [[PFSense:pfBlockerNG:Install pfBlockerNG|Install pfBlockerNG]] or continue to [[PFSense:pfBlockerNG:Install pfBlockerNG:Setup DNSBL Blocking|Setup DNSBL Blocking]].
 ----