pfsense:pfblockerng:install_pfblockerng:setup_ip_blocking
This is an old revision of the document!
Table of Contents
PFSense - pfBlockerNG - Install pfBlockerNG - Setup IP Blocking
IP Configuration
Navigate to Firewall → pfBlockerNG → IP.
Within the IP Configuration section:
- De-Duplication: Checked
- CIDR Aggregation: Not checked
- Suppression: Checked
- Force Global IP Logging: Not checked
- Placeholder IP Address: 127.1.7.7
- ASN Reporting: Disabled
MaxMind GeoIP configuration
Navigate to Firewall → pfBlockerNG → IP.
Within the MaxMind GeoIP configuration section:
- MaxMind License Key: Enter the MaxMind License Key. If you don't have a key, register for one on the Maxmind Site.
- MaxMind Localized Language: English.
- MaxMind CSV Updates: Not Checked.
IP Interface/Rules Configuration
Within the IP Interface/Rules Configuration section:
- Inbound Firewall Rules: WAN and Block.
- Outbound Firewall Rules: LAN and Reject.
- If you have more than one internal interfaces, press CTRL or CMD (for Mac users) and click on each interface to be included.
- Floating Rules: Checked.
- Firewall 'Auto' Rule Order: Select the top option.
- Firewall 'Auto' Rule Suffix: auto rule.
- Kill States: Checked.
Scroll to the bottom of the page and click the Save button.
Setup Custom IP Lists
See IP Lists
Navigate to Firewall → pfBlockerNG → IP → IPv4.
- Click the Add button.
- Give it a Name and Description.
Add in as many IP Source Definitions as needed.
Set:
- State: ON.
- Action: Deny Both.
- Update Frequency: Once per day.
For Example:
Return to Install pfBlockerNG or continue to Setup DNSBL Blocking.
pfsense/pfblockerng/install_pfblockerng/setup_ip_blocking.1611830435.txt.gz · Last modified: 2021/01/28 10:40 by peter