IP and URL Block Lists

[Noob3]

I am a PfSense user at the moment and the one thing I am obsessed with is IP and URL Block Lists.

Is there going to be a package like PFblocker for Opnsense??
Also country blocker?

Or is that on the to do list

Many thanks this looks like a great firewall project

[phoenix]

How about Suricata (the inline IPS), you can find more details here: https://wiki.opnsense.org/manual/ips.html

[fabian]

URL Blocking: https://docs.opnsense.org/manual/how-tos/proxywebfilter.html

[Noob3]

O thats fantastic I like that looks great!

[mimugmail]

Geoblocking via Aliases will receive a really nice update within the next releases:

https://github.com/opnsense/core/issues/1860#issuecomment-336718443

[franco]

Sorry for the ugly dev capture there (mea culpa), the end result is:

https://user-images.githubusercontent.com/1915288/31587781-d9435510-b1e7-11e7-9a23-7a88c0a663b1.png

It'll be in 17.7.7.


Cheers,
Franco

[cyberzeus]

Hello OPNsense folks,

Aside from the proxy method described here, I have read that this functionality can be accomplished using aliases.  However, even with that, there is a lot of pfBlocker functionality not present in OPNsesne that, if added, would be of great benefit to the platform.

With that in mind, are there any plans to provide a fully functional pfB port or similar to OPNsense? 

It is a very useful and powerful package as it offloads a lot of load and resource drain from the IPS and adds in other functionality as well.

Thanks.

[franco]

The plan has been repeated a lot in this forum, not just lately. Let me reiterate.

Make a suggestion on GitHub about what part of pfBlockerNG you are interested in and we will work on a seamless integration. The goal cannot be to port the package. It's very powerful indeed, but it could be even more so if part of the core functionality with streamlined UX.

That being said, others have committed privately to working on particular parts of the integration, namely feeds, whitelists, IP and Host/ASN. The more the merrier. Usually all it takes is for one person to kickstart the work.


Cheers,
Franco

[l0rdraiden]

Any news about how this is evolving?

[mimugmail]

With 18.7.1 there is a Bind plugin where you can use DNSBLs like PiHole or pfBlockerNG.
Just install, enable, and do a portforward from some test IPs ..

[l0rdraiden]

Yeah but that would imply to run pfsense with pfblockerng  and opnsense at the same time, which make no sense if you can simply run pfsense.

Someone mention that there was people working in private to bring some pfblockerng capabilities to opnsense, any news about this?

[mimugmail]

Why would you need pfsense when OPN has a Bind Plugin supporting DNSBL?

[l0rdraiden]

Sorry I understood you wrong.

And then for IPBlock lists is there any option?

[mimugmail]

It's already possible via URL Table alias:

https://docs.opnsense.org/manual/aliases.html#url-tables
https://www.routerperformance.net/opnsense/using-pfblocker-features-in-opnsense/

[l0rdraiden]

It's possible to whitelist DNSBL and IP false block easily?
It's possible apply the block lists only to specific ports?
Does opnsense merge the lists to avoid duplicated entries?