Pfsense -> PfBlockerNG (and the advertisements just disappear)

It's interesting how well this works. A good selection of free lists block the crap advertising and it's just gone. extratorrents no longer pops up crap. The websites that spam me with embedded advertising suddenly look clean and simple.

So nice.

4 Likes

I haven't tried it, but there should be a content filtering part of pfsense. If it's like typical content filtering on most enterprise firewalls it'll have an option for advertisements and it'll work just as well or better than that would.

PfBlockerNG is the addon for Pfsense that provides content filtering within it's firewall rules via rules that block common lists of different types of malware, advertisers, geoip, etc.

Well content filtering is typically much more encompassing. I.e. on the firewalls that I manage I can check boxes to block all traffic for things like social media, torrents, porn, advertisements, categorized websites, etc. Our 'big' firewall has a couple hundred suggestions.

We are talking about the same thing. Best to have a quick look at PfBlockerNG.

I'll take a look at it when I get a chance. I had been wondering what the content filtering option was in pfsense for a while... just never bothered to dig deeper into it when we decided against using it in our enterprise.

Got a writeup on it?

The default lists are mainly targeting ads and tracking. I've literally just turned it on and it looks fairly configurable, you can have custom lists, and custom pull lists from external sources, these could include social buttons if you have a source list.

@wendell This is definitely something to look at for another episode of a fireside chat with pfsense!

2 Likes

There's a fairly good blog-post on the subject here:

As Dallas notes in the end, enableing block both ways can be useful, as you can get alerts from your intenal interfaces, i.e. LAN. That means that something on your internal net is trying to connect to something on your block-lists. Could be very bad indeed.

DNSBL is also recommended.

3 Likes

Yes I've been using it for a while to block both adds and bad IP's works a treat check out http://iplists.firehol.org/ for some good lists

1 Like