PFSense - pfBlockerNG - Install pfBlockerNG - Setup IP Blocking

Navigate to Firewall → pfBlockerNG → IP.

In IP Configuration:

• De-Duplication: Checked
• CIDR Aggregation: Not checked
• Suppression: Checked
• Force Global IP Logging: Not checked
• Placeholder IP Address: 127.1.7.7
• ASN Reporting: Disabled

Navigate to Firewall → pfBlockerNG → IP.

In MaxMind GeoIP configuration:

• MaxMind License Key: Enter the MaxMind License Key. If you don't have a key, register for one on the Maxmind Site.
• MaxMind Localized Language: English.
• MaxMind CSV Updates: Not Checked.

Navigate to Firewall → pfBlockerNG → IP.

In IP Interface/Rules Configuration:

• Inbound Firewall Rules: WAN and Block.
• Outbound Firewall Rules: LAN and Reject.
  • If you have more than one internal interfaces, press CTRL or CMD (for Mac users) and click on each interface to be included.
• Floating Rules: Checked.
• Firewall 'Auto' Rule Order: Select the top option.
• Firewall 'Auto' Rule Suffix: auto rule.
• Kill States: Checked.

Scroll to the bottom of the page and click the Save button.

Navigate to Firewall → pfBlockerNG → IP → IPv4.

• Click the Add button.
• Give it a Name and Description.

Add in as many IP Source Definitions as needed.

In Settings:

• State: ON.
• Action: Deny Both.
• Update Frequency: Once per day.

Navigate to Firewall → pfBlockerNG → IP → IPv6.

• Click the Add button.
• Give it a Name and Description.

Add in as many IP Source Definitions as needed.

In Settings:

• State: ON.
• Action: Deny Both.
• Update Frequency: Once per day.

Navigate to Firewall → pfBlockerNG → IP → GeoIP.

Return to Install pfBlockerNG or continue to Setup DNSBL Blocking.