IMPORTANT NOTICE!!Want to learn CCNA and get trained by Professionals? Here is your opportunity! New CCNA online training batch starts next week. Don't miss this Golden opportunity! Hurry and get registered. Email at [email protected] for details.

Block malicious websites in pfsense with pfblockerNG

Block malicious websites in pfsense with pfblockerNG

Asalam o alikum, in this tutorial we will learn How to Block malicious websites in pfsense with pfblockerNG

Block malicious websites in pfsense with pfblockerNG

Before beginning i assume that you have configured pfsense. if not please read these articles:

how to download and install pfsense on vmware (2022) – IT Funkaar

pfsense installation and configuration in vmware – IT Funkaar

In previous tutorials we downloaded, installed and configured pfsense on
vmware.

Today we will see how we can block malicious websites in pfsense

There are a number of ways to block websites in pfsense. In this tutorial we will use a package/ utility in pfsense known as “pfblockerNG“.

PfblockerNG is an open source utility in pfsense which allows us to block malicious websites.

There are variety of features available such as DNSBL blocking, Country blocking , IP/DNS Blacklisting etc

In this tutorial we will use DNSBL to block websites. For this we will specify Steven blacks predefined hosts file which has list of all malicious websites.

Let’s get started!

STEP 1: Power ON pfsense & windows 7 virtual machine

As we have setup our lab in vmware , so first step is to power up virtual machines.

STEP 2: Open PFSENSE GUI

Once both machines are up, open browser in windows 7 machine & type IP Address of Pfsense .

After login screen is displayed enter login credentials.

STEP 3: Install pfblockerNG

Now it’s time to install pfblockerNG!

Follow the steps below :

  • Go to System -> Package Manager
installing pfblockerNG in pfsense to block malicious websites
  • In “available packages” search for “pfblockerNG
  • Click on “Install” button and then “Confirm
  • setup will begin to install and once installed will display completion message

STEP 4: Configure pfblockerNG

After successful installation og pfblocker next step is to configure it.

Follow the steps mentioned below:

  • Navigate to Firewall->pfblockerNG

Now a configuration wizard will be displayed such as the one shown below

  • Click Next on the next 2 screens.
  • In IP component configuration screen :
  1. Select Inbound Firewall Interface = WAN
  2. Select Outbound Firewall Interface = LAN
  3. Click Next
  • Next DNSBL component Configuration will be displayed, leave the default settings and simply click Next
  • You will be directed to last screen of this wizard, finally click “Finish

STEP 5: Configure DNSBL in pfblockerNG

Once pfblocker is configured we will enable DNSBL filtering

Click on “DNSBL” tab and then “DNSBL Groups”

delete default groups if any exists

  • Click on Add button to create new Group
  • In info window, enter name and description of group
  • Next In DNSBL Source definitions , Select State from OFF TO ON
  • In source specify the address of Steven Black Hosts file list.

> Change Action to Unbound

> Optionally you can set “Update frequency“.

It is the time period after which your file will be updated

  • Finally click Save DNSBL Settings

STEP 6: Download Hosts file in pfsense Database

We have finished configuring DNSBL settgins and also specified Steven Blacks Hosts file containing addresses of all malicious sites we want to block

But wait! still the list have not been downlaoded into databse of pfsense

You just need to do a small thing .

Click on “UPDATE” Tab and then check “Updateradio button & click “RUN

You will see how pfsense will start to download the hosts file

STEP 7: TEST !

lAST BUT NOT THE LEAST !!!

Open a web browser and type in any social / porn webiste to check if pfblocker works or not

In my case you can see in screen shot below how pfblockerNG blocks the malicious webiste and display a page.

malicious website blocking with pfblockerNG

STEP 7: Check Logs of blocked webistes (optional)

To check logs against blocked webistes :

  • Navigate to Firewall -> pfblockerNG -> Logs

Don’t forget to watch the video tutorial:

IT Funkaar

Leave a Reply

Your email address will not be published. Required fields are marked *