PFSense - pfBlockerNG

pfBlockerNG extends the capability of the pfSense firewall beyond the traditional stateful firewall.

pfBlockerNG adds the ability to allow/deny decisions based upon items such as Geo-location, IP address, Alexa rating and the Domain Name.

The lists of IP addresses, Domain Names and Geo-Locations are usually provided by third parties.

NOTE: pfblockerNG Domain Name (DNSBL) blocking only functions with the DNS Resolver service active.

  • It will not function with the DNS Forwarder service active.
  • If you need DNS Forwarding functionality, it is highly recommended to enable forwarding mode in the DNS Resolver service.

Add DNSBL Feeds

Blocklists

Bypass pfBlockerNG for specific clients

DNSBL

Install pfBlockerNG

IP

Selectively enforcing pfBlockerNG for specific clients or networks

Stats and Graphs

Test

Troubleshooting

Whitelisting


References

https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html

https://forum.netgate.com/topic/91736/pfblockerng-v2-0-w-dnsbl

https://www.linuxincluded.com/block-ads-malvertising-on-pfsense-using-pfblockerng-dnsbl/

https://github.com/jmdugan/blocklists/blob/master/corporations/facebook/all