pfSense Blocklists | pfBlockerNG
Вставка
- Опубліковано 1 кві 2019
- This part of the pfSense video series looks at how to use the psSense BlockerNG application to run blocklists, how to whitelist a site, and how to bypass the blocker entirely.
More videos:
Basic Setup:
• Basic PFSense Router S...
Backups and Updates:
• What You Need to Know ...
Why I Use pfSense:
• Pfsense: 5 Reasons to ...
-----------
Support Switched to Linux!
👕 Merch: shop.switchedtolinux.com
🛒 Amazon: tlm.li/amazon
💰 Support: switchedtolinux.com/support
🛒 Affiliates: switchedtolinux.com/affiliates
👥 Multichannel Support: thinklifemedia.com
💰 Patreon: /TomM
-----------
Social Media:
🐦 Twitter: @switchedtolinux
🐸 Gab: @switchedtolinux
💡 Minds: @switchedtolinux
MeWe: /p/switchedtolinux
Reddit: /u/switchedtolinux
Mastodon: fosstodon.org/@switchedtolinux
-----------
We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites. - Наука та технологія
Recommend to use pfBlockerNG-devel which is much improved and includes an integrated Feeds Tab for IP and Domain based Feeds. Check out the /r/pfBlockerNG sub-reddit
Thanks for talking about your hosts file
The host file IS NOT part of DNS.
It is a first step BEFORE DNS gets used.
I keep asking people if I can see the GeoIP information from incoming WAN Blocks by the default global WAN rule to block everything. I want to GeoIP the log and have it display the country, automatic and dynamically. A few have suggested PFBlocker but I do not see this anywhere in pfblocker. I do see GEOip blocking but again I am using the default rule and just want to see the countries that are attempting... right now I copy and paste the IPs from the firewall log to shodan or greysense. Thanks for all the great videso.
anyone know about mobile apps block in pfsense like whatsapp ?????
I forgot how to make your HOSTS File work on the Ubuntu 18.04 Series (Linux 19.1)
Replace the 127.0.0.1 with 0.0.0.0
@@SwitchedtoLinux Okay, Thanks! I thought that's what you said.
Just FYI, if you want to null route DNS entries, etc, you should really use 0.0.0.0 as the address, 127.0.0.1 is useful for testing on local servers and such, it's best not to route anything to your local system unless you intend it to be routed there.
Incorrect...127.0.0.1 goes to the local which is a control. 0.0.0.0 is undefined by the system and any time something is undefined, it can be comprimised; that is why 127.0.0.1 is preferred but both of them work.
@@SwitchedtoLinux Without wanting to sound condescending, I just to put context in before I respond. I'm a network and systems engineer; 0.0.0.0 is actually a defined address, it's just non-routable meta-address with a special meaning. It's the safest null route location to go to as it's the only null route.
0.0.0.0/0 is used in routing tables to designate a default route for all traffic.
On servers/daemons, listening on 0.0.0.0 means to listen on all interfaces.
Sending traffic to 0.0.0.0 (or IPv6 equivalent's ::0) is perfectly legitimate, it simply black holes; whereas sending traffic to localhost could potentially hit something.
In terms of linux, the linux kernel is perfectly capable of handling such requests, as are the windows nt and macos kernels. Due to the non-routability of the addresses, all traffic is also dropped/ignored by upstream routers as well.
There is also a performance benefit to using 0.0.0.0 as browsers generally skip even connecting to that address, unlike localhost which will attempt connection and wait for timeouts.
you can see this in practice with what Pihole are doing: docs.pi-hole.net/ftldns/blockingmode/#pi-holes-unspecified-ip-blocking-default
I will test this out on my systems and see what it does.
First
EDIT:Guys I’m really really very sorry for saying this It used to be a funny joke Switched to Linux Pizzalovingnerd and I used to play-regards,LinuxDev91
Richard Addison BRUH. Calm down it’s a joke that Switched to Linux Pizzalovingnerd and I play
Richard Addison I mean I’ll remove it if you want
Google is 8.8.8.8 & 8.8.4.4