Describe your package here Describe your package requirements here Currently there are no FAQ items provided. pfblockerngtopspammers 1.0 pfBlockerNG: Top 20 Spammer Countries /usr/local/pkg/pfblockerng/pfblockerng.inc pfBlockerNG: Save Top20 settings pfBlockerNG Configure pfblockerNG
Firewall
pkg_edit.php?xml=pfblockerng.xml General /pkg_edit.php?xml=pfblockerng.xml Update /pfblockerng/pfblockerng_update.php Alerts /pfblockerng/pfblockerng_alerts.php Reputation /pkg_edit.php?xml=/pfblockerng/pfblockerng_reputation.xml IPv4 /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml IPv6 /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml DNSBL /pkg_edit.php?xml=/pfblockerng/pfblockerng_dnsbl.xml Country /pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml Top 20 /pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml 2 Africa /pkg_edit.php?xml=/pfblockerng/pfblockerng_Africa.xml 2 Asia /pkg_edit.php?xml=/pfblockerng/pfblockerng_Asia.xml 2 Europe /pkg_edit.php?xml=/pfblockerng/pfblockerng_Europe.xml 2 North America /pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml 2 Oceania /pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml 2 South America /pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml 2 Proxy and Satellite /pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml 2 Logs /pfblockerng/pfblockerng_log.php Sync /pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml listtopic Note: pfSense by default implicitly blocks all unsolicited inbound traffic to the WAN interface. Therefore adding GeoIP based firewall rules to the WAN will not provide any benefit, unless there are open WAN ports. Also consider protecting just the specific open WAN ports. It's also not recommended to block the 'world', instead consider rules to 'Permit' traffic from selected Countries only. Finally, it's just as important to protect the outbound LAN traffic.]]> info LINKS Firewall Alias  Firewall RulesFirewall Logs]]> info countries4
Top 20
Spammer Countries

Use CTRL + CLICK to select/unselect countries
]]>
IPv4 Countries]]> select 20 begin countries6
IPv6 Countries
]]> select 20 end List Action Default: Disabled

Select the Action for Firewall Rules on lists you have selected.

'Disabled' Rules: Disables selection and does nothing to selected Alias.

'Deny' Rules:
'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other interfaces. Typical uses of 'Deny' rules are:
  • Deny Both - blocks all traffic in both directions, if the source or destination IP is in the block list
  • Deny Inbound/Deny Outbound - blocks all traffic in one direction unless it is part of a session started by traffic sent in the other direction. Does not affect traffic in the other direction.
  • One way 'Deny' rules can be used to selectively block unsolicited incoming (new session) packets in one direction, while still allowing deliberate outgoing sessions to be created in the other direction.
'Permit' Rules:
'Permit' rules create high priority 'pass' rules on the stated interfaces. They are the opposite of Deny rules, and don't create any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:
  • To ensure that traffic to/from the listed IPs will always be allowed in the stated directions. They override almost all other Firewall rules on the stated interfaces.
  • To act as a whitelist for Deny rule exceptions, for example if a large IP range or pre-created blocklist blocks a few IPs that should be accessible.
'Match' Rules:
'Match' or 'Log' only the traffic on the stated interfaces. This does not Block or Reject. It just Logs the traffic.
  • Match Both - Matches all traffic in both directions, if the source or destination IP is in the list.
  • Match Inbound/Match Outbound - Matches all traffic in one direction only.
'Alias' Rules:
'Alias' rules create an alias for the list (and do nothing else). This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired.
  • Options - Alias Deny,  Alias Permit,  Alias Match,  Alias Native

  • 'Alias Deny' can use De-Duplication and Reputation Processes if configured.

  • 'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules

  • 'Alias Native' lists are kept in their Native format without any modifications.
Note:
    When manually creating 'Alias' type firewall rules; Do not add (pfB_) to the start of the rule description, use (pfb_) (Lowercase prefix). Manually created 'Alias' rules with 'pfB_' in the description will be auto-removed by package when 'Auto' rules are defined.
]]> action select Enable Logging aliaslog Enable
Select - Logging to Status: System Logs: FIREWALL ( Log )]]> select Advanced Inbound Firewall Rule Settings listtopic info Note: In general, Auto-Rules are created as follows:
    Inbound  - 'any' port, 'any' protocol and 'any' destination
    Outbound - 'any' port, 'any' protocol and 'any' destination address in the lists
Configuring the Adv. Inbound Rule settings, will allow for more customization of the Inbound Auto-Rules.
Select the pfSense 'Port' and/or 'Destination' Alias below:]]> autoports Enable Custom Port checkbox aliasports begin Define Alias aliasports Click Here to add/edit Aliases Do not manually enter port numbers.
Do not use 'pfB_' in the Port Alias name.]]> 21 aliases port end autodest Enable Custom Destination checkbox aliasdest,autonot begin aliasdest Click Here to add/edit Aliases Do not manually enter Addresses(es).
Do not use 'pfB_' in the 'IP Network Type' Alias name.]]> 21 aliases network Invert autonot Invert - Option to invert the sense of the match.
ie - Not (!) Destination Address(es)]]> checkbox end Custom Protocol autoproto Default: any
Select the Protocol used for Inbound Firewall Rule(s).
Do not use 'any' with Adv. Inbound Rules as it will bypass these settings!]]> select 4 Click to SAVE Settings and/or Rule Edits.   Changes are Applied via CRON or 'Force Update']]> listtopic