Use PFSense with pfBlockerNG DNSBL to Block Ads Malware Ransomware and Web Tracking

pfBlockerNG has been around since 2018, and is a free and open source distributed package. Since its inception, pfBlockerNG DNSB was created specifically for the PFSense Router software. With the pfBlockerNG DNSBL feature, PFSense is able to block ads, block dangerous content such as gambling, alcohol and other advantages that deserve a thumbs up in pfBlockerNG's ability to carry out geographic blocking with the help of MaxMid.

Dengan menambahkan paket pfBlockerNG pada Router PFSense Anda, berarti Anda telah melakukan tindakan pemblokiran iklan dan juga dapat melakukan pelacakan web, ransomware dan malware. Saat Anda mulai mengaktifkan pfBlockerNG, Anda langsung mendapatkan layanan ekstra dalam hal keamanan jaringan dan juga mendapatkan privasi ekstra, karena seluruh sistem PFSense Anda dilindungi oleh pfBlockerNG dengan bantuan fitur DNSBL (short for Domain Name System-based Blackhole List).

The pfBlockerNG package can also block the internet with certain IP addresses. You can choose the IP address from one of the specific countries or regions where you think blocking action should be taken. This kind of action can be useful because IP address restrictions make it difficult for hackers who try to enter your system.

In this article we will explain how to use DNSBL from the pfBlockerNG package to remove ads and block malware, spamware. In this writing, we use PFSense version 2.7.2-RELEASE (amd64).




1. pfBlockerNG DNSBL package installation

Before you install pfBlockerNG, make sure you have activated the Unbound DNS server (DNS Resolver). If not, activate the DNS resolver first. You can read the previous article on how to enable Unbound DNS server in PFSense.


However, to set up pfBlockerNG, you must enable the Python package in DNS Resolver. Look at the image below to enable the Python package in DNS Resolver.



To install the pfBlockerNG DNSBL package, first you click System ->> Package Manager ->> Available Packages, then you look for the pfBlockerNG package and click the green Install button. Wait until the installation process is complete.

Then you continue by setting up pfBlockerNG, by clicking the Firewall ->> pfBlockerNG. For the first installation you will be shown the "Wizard" menu, as shown below.



Click the "Next" button to continue until the image below appears.





2. General Settings of pfBlockerNG DNSBL

After the installation process is complete, we continue with the general settings for pfBlockerNG, to do this, click Firewall ->> pfBlockerNG ->> General.



After that, you click the "IP" option. You can leave other settings as default. To fill in the "MaxMind GeoIP configuration" column, you must register MaxMind GeoIP. Get Account ID and License key at " https://www.maxmind.com/en/geolite2/signup".





3. Enable DNSBL

In this section we will set how to activate DNSBL. click Firewall ->> pfBlockerNG ->> DNSBL. Then you fill in each column according to the guide below.

DNSBL

DNSBL: Check
DNSBL Mode: Unbound python mode
Wildcard Blocking (TLD): Check
Python Control: Uncheck
DNS Reply Logging: Check
DNSBL Blocking: Check
HSTS mode: Check
TLD Allow: Uncheck
IDN Blocking: Uncheck
Regex Blocking: Uncheck
CNAME Validation: Check
no AAAA: Uncheck
Python Group Policy: Uncheck

DNSBL Webserver Configuration

Virtual IP Address: 10.10.10.1
IPv6 DNSBL: Uncheck
DNSBL VIP Type: IP Alias
Web Server Interface: Localhost
DNSBL Event Logging: Uncheck

DNSBL Configuration

Permit Firewall RulesEnable: Uncheck
Global Logging/Blocking Mode: No Global mode
Blocked Webpage: dnsbl_default.php
Resolver cache: Check

After that, you click Firewall ->> pfBlockerNG ->> DNSBLDNSBL ->> Category. To block porn sites or adult sites.





4. Enable IPv4 Blocking

In the pfBlockerNG package, by default PFSense enables PRI1 decoys. The feed is a publicly available block list that the pfBlockerNG package is configured to synchronize regularly. To see a list of enabled IPv4 feeds, click to Firewall ->> pfBlockerNG -> IP ->> IPv4.

After that enable additional IPv4 feeds in your pfBlockerNG package. This aims to avoid false positives because the PRI1 bait has quite wide coverage, it is likely that the bait will miss the real threat. To enable IPv4 feeds, click Firewall ->> pfBlockerNG ->> Feeds.




So the results from the IP4 Feed will look like the image below.


5. Enable MaxMind GeoIP

One of the main features of pfBlockerNG is GeoIP from MaxMind Inc. This feature is used to limit internet access to certain countries or regions. To activate the GeoIP feature, click Firewall ->> pfBlockerNG ->> IP ->> GeoIP.

In the picture above, we only block African countries and block Proxy and Satellite.

Adding pfBlockerNG to the PFSense router was the right decision. You can help prevent children or adults from using the internet for good purposes. You really help to protect them from bad things.
Iwan Setiawan

I Like Adventure: Mahameru Mount, Rinjani Mount I Like Writer FreeBSD

Post a Comment

Previous Post Next Post