Stop Malware With Pfblocker

If you are running a Pfsense Firewall than chances are, you have probably heard of Pfblocker. Whether you have heard of Pfblocker or not, we consider this plugin a “Must Have” addition to any pfsense firewall. Pfblocker allows you to add IP block list and country block functions to a pfsense firewall or router and has replaced both Countryblock and IPblocklist in the 2.x branches of pfsense. If you have done any research into malware, you will find that typically when a machine is infected from a website, the payload that infects the computer is typically being pulled from not so friendly countries. Running Pfblocker will help prevent malware payloads from being downloaded from the countries you specify. Now we will move on to installation below. First you will want to navigate to System > Packages > Available Packages and click the + sign to install. Once the package is installed, it can be configured under Firewall > pfblocker. Under general settings seen below, you can enable pfblocker and select the interfaces and deny actions.pfblocker-generalOnce you have configured your general settings, you can now start adding lists. Typically a good starting point is the Top Spammers tab. Below you will see that all the Top Spammer countries have been selected and are being denied access in both directions.pfblocker-spammerslFor the purpose of this article we will not cover any other tabs as block lists are very personal choices based on your computer usage and need. It is important to point out that using block lists is extremely memory intensive, so before enabling all the list, you will need to make sure your Pfsense installation has the memory to support the blocking.

Did you find this article useful? Why not share it with your friends?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.