Professional Documents
Culture Documents
Firewall - pfBlockerNG - General PDF
Firewall - pfBlockerNG - General PDF
Firewall - pfBlockerNG - General PDF
General
General Update Alerts Reputation IPv4 IPv6 DNSBL GeoIP Logs Sync
General Settings
LINKS
Enable pfBlockerNG
Enable/Disable
Keep Settings
Keep settings
Note: With 'Keep settings' enabled, pfBlockerNG will maintain run state on Installation/Upgrade.
If 'Keep Settings' is not 'enabled' on pkg Install/De-Install, all settings will be Wiped!
Note: To clear all downloaded lists, uncheck these two checkboxes and 'Save'. re-check both boxes and run a 'Force Update'
CRON Settings
Every hour
Default: Every hour
Select the Cron hour interval.
: 45
Default: :00
Select the Cron update minute.
0
Default: 0
Select the Cron start hour.
10
Default: 0
Select the 'Daily/Weekly' start hour.
De-Duplication
CIDR Aggregation
Optimise CIDRs (not recommended for slow systems with large lists)
Suppression
This will prevent Selected IPs from being blocked. Only for IPv4 lists (/32 and /24).
Global Logging
Firewall Rule logging - Enable Global logging to [ Status: System Logs: FIREWALL Log ].
This overrides any log settings in the Continent/IPv4/6 Alias tabs. (DNSBL not included)
http://187.75.209.246:81/pkg_edit.php?xml=pfblockerng.xml 1/3
26/06/2018 PRJGWSP.intranet.projectus.com.br - Firewall: pfBlockerNG: General
English
Select the localized name data from the Language options available.
Changes to the Locale will be executed in the background, and will take a few minutes to complete.
Upon completion, a pfSense Notice will be generated.
This will disable the MaxMind monthly GeoIP database Cron update. This does not affect the MaxMind binary cron task.
2
Default: No limit
Select max daily download failure threshold via CRON. Clear widget 'failed downloads' to reset.
On a download failure, the previously downloaded list is reloaded.
Logfile Size
10000
Default: 20000
Select number of Lines to keep in the pfblockerng.log, geoip.log, extras.log and dnsbl.log files
Interface/Rules Configuration
Inbound Firewall Rules
LAN
DMZ
WAN
Select the Inbound interface(s) you want to apply auto rules to:
Block
Default: Block
Select 'Rule action' for Inbound rules:
LAN
DMZ
WAN
Select the Outbound interface(s) you want to apply auto rules to:
Reject
Default: Reject
Select 'Rule action' for Outbound rules:
OpenVPN Interface
Select to add auto-rules for OpenVPN. This is only required when the OpenVPN Interface is not listed above.
OpenVPN Server (Outbound auto-rules only), OpenVPN Client (Both In/Outbound auto-rules)
These will be added to 'Floating Rules' or OpenVPN rules tab.
IPSec Interface
Select to add 'Outbound' auto-rules for IPSec. These will be added to 'Floating Rules' or IPSec rules tab.
Floating Rules
http://187.75.209.246:81/pkg_edit.php?xml=pfblockerng.xml 2/3
26/06/2018 PRJGWSP.intranet.projectus.com.br - Firewall: pfBlockerNG: General
Enabled: Auto-rules will be generated in the 'Floating Rules' tab
Disabled: Auto-rules will be generated in the selected Inbound/Outbound interfaces
Rules will be ordered by the selection below.
Rule Order
auto rule
Default: auto rule
Select 'Auto Rule' description suffix for auto defined rules. pfBlockerNG must be disabled to modify suffix
Kill States
When 'Enabled', after a cron event or any 'Force' commands, any blocked IPs found in the Firewall states will be cleared.
Acknowledgements
Credits
Support
pfBlockerNG is developed by BBcan177, and can be reached at [ bbcan177 'at' gmail 'dot' com ]
Save
Click to SAVE Settings and/or Rule edits. Changes are applied via CRON or 'Force Update'
pfSense is © 2004 - 2018 by Rubicon Communications, LLC (Netgate). All Rights Reserved. [view license]
http://187.75.209.246:81/pkg_edit.php?xml=pfblockerng.xml 3/3