Scribd Logo
Upload

Welcome to Scribd!

  • Firewall - pfBlockerNG - General PDF

    Uploaded by

    Anonymous oQGQn7eS
    46 views3 pages

    Original Title

    PRJGWSP.intranet.projectus.com.br - Firewall_ pfBlockerNG_ General.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    46 views3 pages

    Firewall - pfBlockerNG - General PDF

    Uploaded by

    Anonymous oQGQn7eS

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    26/06/2018 PRJGWSP.intranet.projectus.com.

    br - Firewall: pfBlockerNG: General

    General 

    General Update Alerts Reputation IPv4 IPv6 DNSBL GeoIP Logs Sync

    General Settings
    LINKS

    Firewall Alias  Firewall Rules Firewall Logs

    Enable pfBlockerNG

    Enable/Disable

    Keep Settings

    Keep settings
    Note: With 'Keep settings' enabled, pfBlockerNG will maintain run state on Installation/Upgrade.
    If 'Keep Settings' is not 'enabled' on pkg Install/De-Install, all settings will be Wiped!

    Note: To clear all downloaded lists, uncheck these two checkboxes and 'Save'. re-check both boxes and run a 'Force Update'

    CRON Settings

    Every hour
    Default: Every hour
    Select the Cron hour interval.
    : 45
    Default: :00
    Select the Cron update minute.
    0
    Default: 0
    Select the Cron start hour.
    10
    Default: 0
    Select the 'Daily/Weekly' start hour.

    De-Duplication

    Only used for IPv4 Deny Lists

    CIDR Aggregation

    Optimise CIDRs (not recommended for slow systems with large lists)

    Suppression

    This will prevent Selected IPs from being blocked. Only for IPv4 lists (/32 and /24). 
    Global Logging

    Firewall Rule logging - Enable Global logging to [ Status: System Logs: FIREWALL Log ].
    This overrides any log settings in the Continent/IPv4/6 Alias tabs. (DNSBL not included)

    MaxMind Localized Language

    http://187.75.209.246:81/pkg_edit.php?xml=pfblockerng.xml 1/3
    26/06/2018 PRJGWSP.intranet.projectus.com.br - Firewall: pfBlockerNG: General

    English
    Select the localized name data from the Language options available.
    Changes to the Locale will be executed in the background, and will take a few minutes to complete.
    Upon completion, a pfSense Notice will be generated.

    Disable MaxMind Updates

    This will disable the MaxMind monthly GeoIP database Cron update. This does not affect the MaxMind binary cron task.

    Download Failure Threshold

    2
    Default: No limit
    Select max daily download failure threshold via CRON. Clear widget 'failed downloads' to reset.
    On a download failure, the previously downloaded list is reloaded.

    Logfile Size

    10000
    Default: 20000
    Select number of Lines to keep in the pfblockerng.log, geoip.log, extras.log and dnsbl.log files

    Interface/Rules Configuration
    Inbound Firewall Rules

    LAN
    DMZ
    WAN

    Select the Inbound interface(s) you want to apply auto rules to:
    Block
    Default: Block
    Select 'Rule action' for Inbound rules:

    Outbound Firewall Rules

    LAN
    DMZ
    WAN

    Select the Outbound interface(s) you want to apply auto rules to:
    Reject
    Default: Reject
    Select 'Rule action' for Outbound rules:

    OpenVPN Interface

    Select to add auto-rules for OpenVPN. This is only required when the OpenVPN Interface is not listed above.
    OpenVPN Server (Outbound auto-rules only), OpenVPN Client (Both In/Outbound auto-rules)
    These will be added to 'Floating Rules' or OpenVPN rules tab.

    IPSec Interface

    Select to add 'Outbound' auto-rules for IPSec. These will be added to 'Floating Rules' or IPSec rules tab.

    Floating Rules

    http://187.75.209.246:81/pkg_edit.php?xml=pfblockerng.xml 2/3
    26/06/2018 PRJGWSP.intranet.projectus.com.br - Firewall: pfBlockerNG: General
    Enabled: Auto-rules will be generated in the 'Floating Rules' tab
    Disabled: Auto-rules will be generated in the selected Inbound/Outbound interfaces
    Rules will be ordered by the selection below.

    Rule Order

    | pfB_Block/Reject | All other Rules | (original format)

    Default Order: | pfB_Block/Reject | All other Rules | (original format) 


    Auto Rule Suffix

    auto rule
    Default: auto rule
    Select 'Auto Rule' description suffix for auto defined rules. pfBlockerNG must be disabled to modify suffix

    Kill States

    When 'Enabled', after a cron event or any 'Force' commands, any blocked IPs found in the Firewall states will be cleared.

    Acknowledgements
    Credits

    pfBlockerNG Created in 2015 by BBcan177.

    Based upon pfBlocker by Marcello Coutinho and Tom Schaefer.


    GeoIP database GeoLite2 distributed under the Creative Commons Attribution-ShareAlike 4.0 International License by:
    MaxMind Inc. @ MaxMind.com. The GeoIP database is automatically updated the first Tuesday of each month

    Support

    pfBlockerNG is developed by BBcan177, and can be reached at  [ bbcan177 'at' gmail 'dot' com ]

     Save

    Click to SAVE Settings and/or Rule edits. Changes are applied via CRON or 'Force Update'

     pfSense is © 2004 - 2018 by Rubicon Communications, LLC (Netgate). All Rights Reserved. [view license] 

    http://187.75.209.246:81/pkg_edit.php?xml=pfblockerng.xml 3/3

    You might also like