PFSense Firewall

 

 To install

There is so many settings but for the basic install we use the defaults.

First we download PFSENSE CE from there website but we also keep a copy on our server

We install it onto the computer with just the basic settings and make sure what is setup for Wan and Lan

 

Now time to setup things, In System - Packege Manager we will install a few packeged, the first is " pfBlockerNG-devel", "Openvpn-client-export", "Arpwatch", "Cron", "Mailreport", "Service_Watchdog", "Shellcmd"

 

Now the main setup pfBlockerNG, Firewall - pfBlockerNG.

  • Click on Enable.
  • Click on "save"
  • IP, go to MaxMind GeoIP website by clicking on Link To Register
  • Input the MaxMind code
  • Don't select any network to block or reject, as we will do this later
  • Floating Rules, leave unticked
  • Firewall 'Auto' Rule Order, leave default
  • Kill State, Tick
  • We will setup other rules later
  • click on "save IP settings"
  • Now DNSBL tab
  • Enable DNSBL
  • DNSBL Mode, Unbound
  • change "Virtual IP Address" if needed, make sure its not part of anynetwork it will connect to.
  • make sure "DNSBL VIP Type" is IP Alias
  • Web Server Interface set to main LAN port
  • Permit Firewall Rules, tick
  • Select the LAN ports
  • under "DNSBL IPs" select Alias Deny
  • Click on "Save DNSBL Settings"
  • Now "Feeds"
  • Select the feeds you want
  • For the IP's you will have to make sure of the settings, "Format" Auto, "State" ON, "Action" Alias Deny, "Update Frequency" Weekly, Save it, then do the next
  • For DNSBL , "Format" Auto, "State" ON, "Action" Unbound, "Update Frequency" Weekly, "Logging / Blocking Mode" DNSBL Webserver/VIP, Save it, then do the next.
  • Update menu, Reload all.
  • This will setup all of pfblocker.

Once done and loaded up we then go to "Firewall" - "Rules" and make sure the rules are in the right places and orders.

 

Once all is set up reboot pfsense and make sure there is no errors.