
IP Blocklist



Info

Just like PeerGuardian2, the IP-Blocklist package can block ranges of IPs from lists or manual input. This is a global IP blocking package.

This package uses pf (pfctl) to block IP addresses. For each IP range or list added, a pf table is created and applied to the firewall to block traffic both to and from the target. You can either enter an IP range manually (experimental) or add a list from sites like iblocklist.com. Tested on 1.2.2, 1.2.3, and 2.0BETA with Firefox and Chrome. IE is not supported at this time.


Current Version: 3.0.1

New features include email notification, interface filtering, outbound access, and much more. This update uses pf tables as the blocking method. This brings a huge performance boost but uses more RAM.


Limits

Lists can have any extension, but if the list is compressed, only .gz is supported. Long lists take more RAM (not much). Increase your PHP memory limit in /etc/inc/config.inc to avoid issues if you use many lists.

Format

The lists must be in the PeerBlock or PeerGuardian2 format.

Single IP Example: NAS:192.168.1.110-192.168.1.110

Range IP Example: HOME:192.168.1.0-192.168.1.255

FAQ

Q: How do I know if the list got applied?

A: The package web interface will display the current status.

Q: I notice a performance drop with network traffic after applying a list

A: When a list is applied, the system has to download and process it. This should take less than 2 minutes.

Q: I have the "Enable" check box checked but I don't think it's blocking any IPs

A: Any errors will be shown at the bottom of the page when you press Save/Update.

Q: My list site only gives dynamic links to lists (I can't get a direct link to the file)

A: You need a direct link to the file in order for the package to work. Use a download manager like the one Firefox has. Download the file, then go back to the download manager and copy the file link. Paste that into the package. File upload may be in a future version.

Q: Where can I get lists to block SPAM and other bad IPs?

A: http://www.iblocklist.com/lists.php

Q: I think I can improve your package or add features, how can I help?

A: Send me a PM

Q: I'm running embedded and it's not working

A: http://forum.pfsense.org/index.php/topic,24769.msg170314.html#msg170314

Q: Do you have any lists that we can use?

A: My favorite lists include the following:

http://iblocklist.dbnservers.net/files/bt_spyware.gz

http://withhorns.com/files/ficutxiwawokxlcyoeye.gz

http://iblocklist.dchubad.com/files/ghlzqtqxnzctvvajwwag.gz

http://list.iblocklist.com/files/sh_drop.gz

http://www.tomschaefer.org/temp/pfsense/IP-Blocklist-ForumSpam.txt

http://iblocklist.dchubad.com/files/bt_ads.gz

http://www.tomschaefer.org/temp/pfsense/MISC-Block.txt

The TomSchaefer.org ones are my custom lists that I made.

Troubleshooting

Known Issues

WARNING: Duplicate entries do not work. Duplicate entries per list cancel out.

1. If you make your own list like I do and you accidentally have a duplicate entry in the list, it will cancel out and will not be blocked. This is a bug that is caused by the Perl script that interprets your lists.

Example duplication:

unkn:194.71.107.25-194.71.107.25

ad:194.71.107.25-194.71.107.25

This will result in the IP not being blocked. The fix: just be careful when creating your own lists. If you're paranoid, run "sort happybirthday.txt | uniq" on your lists!

Again this will only apply to people that make their own lists. Publishers of official IP lists filter for duplicates for you.

2. Some people have been having issues getting the package to run. Before you think you need to rebuild pfSense, try a simple test first. Go to Firewall -> Rules and pick a random entry. Click the edit button. Don't make any changes! Now click Save. Go back to your package. Ensure Enable is checked and click Save. Your package should be running now.

If the above does not fix your issue or you have another problem, please go to the official support page located here: http://forum.pfsense.org/index.php/topic,24769.0.html
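For known issue 1 above: sort | uniq removes only lines that are identical in full, while the page's example duplication has the same range under two different labels (unkn and ad). The following script is an added example, not part of the IP-Blocklist package; it compares entries by range alone, and the function names and sample list are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the IP-Blocklist package.
# Input: PeerGuardian2/PeerBlock text list on stdin, LABEL:START-END per line.

# Print each range that occurs more than once (label ignored),
# followed by the input line numbers where it occurs.
find_dup_ranges() {
    awk -F: '
        /^[ \t\r]*$/ || /^#/ { next }        # skip blank and comment lines
        {
            range = $NF                       # labels may contain ":"; range is the last field
            gsub(/[ \t\r]/, "", range)        # tolerate CRLF endings and stray spaces
            count[range]++
            lines[range] = lines[range] (lines[range] == "" ? "" : ",") NR
        }
        END {
            for (r in count) if (count[r] > 1) print r " lines " lines[r]
        }' | sort
}

# Emit the list with only the first entry kept for each range.
dedupe_ranges() {
    awk -F: '
        /^[ \t\r]*$/ || /^#/ { print; next }
        {
            range = $NF
            gsub(/[ \t\r]/, "", range)
            if (!(range in seen)) { seen[range] = 1; print }
        }'
}

# Constructed sample: the duplicate pair and the two format examples from the page.
sample_list() {
    cat <<'EOF'
unkn:194.71.107.25-194.71.107.25
NAS:192.168.1.110-192.168.1.110
ad:194.71.107.25-194.71.107.25
HOME:192.168.1.0-192.168.1.255
EOF
}

sample_list | find_dup_ranges    # report duplicated ranges
sample_list | dedupe_ranges      # cleaned list, first label wins
```

For a compressed list, decompress into the function, for example gzip -dc list.gz | find_dup_ranges (list.gz is a placeholder name).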
