IP and URL Block Lists

Started by Noob3, October 14, 2017, 04:50:08 PM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions
October 14, 2017, 04:50:08 PM
I am a PfSense user at the moment and the one thing I am obsessed with is IP and URL Block Lists.

Is there going to be a package like PFblocker for Opnsense??
Also country blocker?

Or is that on the to do list ;)

Many thanks this looks like a great firewall project ;)
October 14, 2017, 04:59:45 PM #1
How about Suricata (the inline IPS), you can find more details here: https://wiki.opnsense.org/manual/ips.html
Regards


Bill
October 14, 2017, 05:07:36 PM #2
October 18, 2017, 12:39:40 PM #3
O thats fantastic I like that ;) looks great!
October 18, 2017, 02:17:10 PM #4
Geoblocking via Aliases will receive a really nice update within the next releases:

https://github.com/opnsense/core/issues/1860#issuecomment-336718443
October 18, 2017, 11:07:59 PM #5
Sorry for the ugly dev capture there (mea culpa), the end result is:

https://user-images.githubusercontent.com/1915288/31587781-d9435510-b1e7-11e7-9a23-7a88c0a663b1.png

It'll be in 17.7.7.


Cheers,
Franco
December 31, 2017, 08:53:01 AM #6 Last Edit: December 31, 2017, 10:03:08 AM by cyberzeus
Hello OPNsense folks,

Aside from the proxy method described here, I have read that this functionality can be accomplished using aliases.  However, even with that, there is a lot of pfBlocker functionality not present in OPNsesne that, if added, would be of great benefit to the platform.

With that in mind, are there any plans to provide a fully functional pfB port or similar to OPNsense? 

It is a very useful and powerful package as it offloads a lot of load and resource drain from the IPS and adds in other functionality as well.

Thanks.
January 04, 2018, 10:03:39 PM #7
The plan has been repeated a lot in this forum, not just lately. Let me reiterate.

Make a suggestion on GitHub about what part of pfBlockerNG you are interested in and we will work on a seamless integration. The goal cannot be to port the package. It's very powerful indeed, but it could be even more so if part of the core functionality with streamlined UX.

That being said, others have committed privately to working on particular parts of the integration, namely feeds, whitelists, IP and Host/ASN. The more the merrier. Usually all it takes is for one person to kickstart the work. :)


Cheers,
Franco
August 24, 2018, 07:55:07 PM #8
Any news about how this is evolving?
August 24, 2018, 08:50:56 PM #9
With 18.7.1 there is a Bind plugin where you can use DNSBLs like PiHole or pfBlockerNG.
Just install, enable, and do a portforward from some test IPs ..
August 25, 2018, 11:40:16 AM #10
Yeah but that would imply to run pfsense with pfblockerng  and opnsense at the same time, which make no sense if you can simply run pfsense.

Someone mention that there was people working in private to bring some pfblockerng capabilities to opnsense, any news about this?
August 25, 2018, 12:51:23 PM #11
Why would you need pfsense when OPN has a Bind Plugin supporting DNSBL?
August 25, 2018, 02:05:39 PM #12
Sorry I understood you wrong.

And then for IPBlock lists is there any option?
August 25, 2018, 02:07:49 PM #13
August 26, 2018, 11:11:22 AM #14
It's possible to whitelist DNSBL and IP false block easily?
It's possible apply the block lists only to specific ports?
Does opnsense merge the lists to avoid duplicated entries?
Print
Go Up Pages1 2
User actions