Wiki

User Tools

Site Tools

Trace:
pfsense:pfblockerng:bypass_pfblockerng_for_specific_clients

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
pfsense:pfblockerng:bypass_pfblockerng_for_specific_clients [2020/07/15 09:30] – external edit 127.0.0.1pfsense:pfblockerng:bypass_pfblockerng_for_specific_clients [2021/01/28 09:23] (current) – [PFSense - pfBlockerNG - Bypass pfBlockerNG for specific clients] peter
Line 12: Line 12:
 Navigate to **Services -> DNS Resolver**. Navigate to **Services -> DNS Resolver**.
  
-In the **General Settings** tabchange:+In the **General Settings** tabchange:
  
   * Custom options: <code>   * Custom options: <code>
-server:private-domain: "plex.direct" +server: 
- +    private-domain: "plex.direct" 
-server:include: /var/unbound/pfb_dnsbl.*conf+    include: /var/unbound/pfb_dnsbl.*conf
 </code> </code>
  
Line 23: Line 23:
  
   * Custom options: <code>   * Custom options: <code>
-server:private-domain: "plex.direct" 
- 
 server: server:
-    access-control-view192.168.50.0/24 bypass+    private-domain"plex.direct"
     access-control-view: 192.168.1.0/24 dnsbl     access-control-view: 192.168.1.0/24 dnsbl
 +    access-control-view: 192.168.50.0/24 bypass
     access-control-view: 192.168.70.0/24 dnsbl     access-control-view: 192.168.70.0/24 dnsbl
 view: view:
Line 45: Line 44:
 Also, do not have the word **server:** in front of the following statement **server:include: /var/unbound/pfb_dnsbl.*conf**. Also, do not have the word **server:** in front of the following statement **server:include: /var/unbound/pfb_dnsbl.*conf**.
  
-The following line may be needed above the **include: /var/unbound/pfb_dnsbl.*conf** line:  **include: /var/unbound/host_entries.conf**.+The following line may be needed above the **include: /var/unbound/pfb_dnsbl.*conf** line: <code>include: /var/unbound/host_entries.conf</code>
 </WRAP> </WRAP>
  
Line 101: Line 100:
  
 <WRAP info> <WRAP info>
-**NOTE:**  A 192.168.0.0/22 mask (CIDR) for the IPv4 subnets it does not work, I instead had to define each subnet with /24. Maybe a /16 would have worked?+**NOTE:**  A 192.168.0.0/22 mask (CIDR) for the IPv4 subnets did not work, I instead had to define each subnet with /24. Maybe a /16 would have worked?
  
 Same problem with IPv6. (note, the examples mask my real IPv6 prefix), I had to define multiple /64's as a single /62 did not work. Same problem with IPv6. (note, the examples mask my real IPv6 prefix), I had to define multiple /64's as a single /62 did not work.
Line 132: Line 131:
 </code> </code>
  
-These entries added in our “dnsbl” view force all clients in this group (192.168.20.x) to the SafeSearch address for each of the four services included.+<WRAP info> 
 +**NOTE:**  These entries added in the **dnsbl** view force all clients in this group (192.168.20.x) to the SafeSearch address for each of the four services included.
  
-We have to add them here as adding them as a Host Override on the DNS Resolver configuration page would enforce them for all clients.+These have to be added hereas adding them as a Host Override on the DNS Resolver configuration pagewould enforce them for all clients. 
 + 
 +</WRAP>
  
 ---- ----
pfsense/pfblockerng/bypass_pfblockerng_for_specific_clients.1594805433.txt.gz · Last modified: 2020/07/15 09:30 by 127.0.0.1
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki