Thank you very much for teaching us how to configure pfblocker DNSBL on pfsense. I have followed your instructions and everything is working perfectly. Best Regards from Catalonia (Spain)
Today my neighbor gave me an "old" motherboard and I grabbed some ram and my old SSD and installed pfSense right away, and temporarily replaced my Mikrotik (RB750r2) with it.. I just finished setting pfBlockerNG up, and man.. that's simply amazing.. it even looks like I never turned off my AdBlocker on Chrome! Thank you so much for this tutorial ;)
4:08 Thank you for also stressing that best practice is to block external DNS request and force the network to go through pfSense. Thank you also for demonstrating how to properly and easily apply the Firewall Rule. This is an overall fantastic tutorial.
Hi sir. I've watched your video about how to block this whole thing using pfblocker it seems I like it much and very informative video. This is what I looking for. I am new in pfsense and I found out that your videos are very resourceful. Keep up the good work sir. God bless
Great video Tom. Suggestion: Use NAT for DNS; set up NAT rule on LAN that forwards all UDP port 53 traffic to the localhost IP (pfsense). This way, pfsense has all dns traffic and nothing breaks if dns is manually set.
Yes I added those 2 rules into my pfsense for DNS and it worked, but broke my ability to browse my share on my freenas box with my linux file manager. I could still get to it in ssh and my mounts worked, but for some reason my Dolphin file manager failed to connect \\10.x.x.x it would just time out. I turned off the 2 rules and it worked fine.
It's the oddest thing - the first time I tried this about 6 months ago, it wasn't working properly - oh it worked but DNS resolution was so slow it was unworkable. Now after seeing your other tutorial on running PFSense on XCP-ng where you state to disable checksum offloading, I turned PFBlocker back on without disabling the CO and it works normally. Weird or what? Thanks for making these videos BTW. They are great.
Love your videos, especially pfSense. I've got my home VMware hosts all up and running and pfSense thanks to you. I just need to setup a cluster now for pfSense, I'm sure you already have a video on that.
DNS over TLS uses port 853, would I need to also set up the same firewall rules along with the ones for port 53 if I’m using pfSense DNS Resolver to do DNS over TLS? Or just rules for 853? Thanks in advance.
Very nice Video , i need to ask 2 questions. I am running this schema ,internet Pfsense, USG , Un-switch 8port 150w. I tried to block gambling bets etc but nothing with pfBlockerNG-devel . Also i cant see ip lease from Pfsense only the USG is this correct ?Any suggestions ?
Thanks so much for the great video! I am confused on your LANnet DNS rules beginning at 4:48 in the video. What are you specifying for DNS servers for these rules? On your dashboard, DNS Servers listed are: 127.0.0.7; 192.168.3.1 (maybe pfsense box?); 208.67.222.222 (OpenDNS server) and 8.8.4.4 (google). Can you please explain or direct me to a previous video that specifies what DNS servers you are using and how they tie into the LAN net Rules?
Hello. thanks for the tutorial. After setting the firewall rules for DNS 52 UDP port, it also blocks the Google services, like GoogleDrive, and so on. It also stops Windows applications like Microsoft Teams. Does this have a solution? I want to allow Google products to run on my Lan. I am using pfsense 2.6.0
This did not work for me / I am in an internal network, also I didn't add the dns rules because they ended up blocking everything, and I use a public dns, plus dns over tls, I think that might be stopping me from blocking via dns
Your tutorial have been a great help setting up my pfsense box. But now i feel like i am knocking my head agenst a brick wall. I have 2 interfaces bridged and the second one (without an IP) cant talk to the pfsense DNS server despit allowing using rules. Anyone had the dame problem, any clues on solution. As a tempory fix i have set up a NAS to an external DNS server.
I watched this tutorial to the end,porn sites etc dosent get blocked with a message or even a pixel but it gets listed on firewall/pfblockerng/alerts and then tab report. its like its sees that i am wanting to access it but no block?. Even at nslookup i still get the ip address of porn site gamble etc. rules are set on the firewall/rules/lan, what i am missing here?
Thanks for the Video, I have implemented but how would I block say netflix? just one site in addition? Or maybe streaming websites, but not like youtube.
Thanks Tom for the great Tutorial! Please consider the pihole on raspi and pfsense tutorial you mentioned at 11:11 in the video. I currently use a pihole running on raspi at home and want to get that working with my new pfsense box.
Why do you need the first "allow" rule for port 53? Source=any, destination=lan net. The rule is inbound on lan port. If host there wanted to get to dns server on the lan, it wouldn't be routing thru pfsense it would go direct. So the rule is not needed.
Wonderful video, thank you!! I had tried to configure this before without fully understand some of the essential options. You covered them all with explanations to boot. Really great material to operate a safer home network.
Hey... Thanks for the tutorial, just have on question... wouldn't the exception rule included at the end be invalid if the machine is allocated another ip address at boot up from yo pfsense system? I believe it would be more effective if the machine was to be assigned a static IP possibly outside the defined range. Cheers.
Love your videos on pfSense. Is there anyway you can zoom to the sections where your typing when your typing? Even when you said let me zoom in, when you were doing NS lookup, it was still so far out. Thanks again for all your pfSense videos...
Not how this works, blocking individual users requires a more complex firewall rules that wold have a list of all facebook addresses and then the IP of the device you want to block.
This DNSBL Virtual IP is a little confusing. I left it default and saved then realized my network starts with 10. So went back and changed it to a 172. network and saved it. Now doing a nslookup on... example adspeed.net it keeps coming up 10.10.10.1 instead of the 172 network. Can't seem to fix it. What IP should you put in there? Will the default interfere with my 10 network?
I am probably asking you a difficult question - I have two different interfaces, I want to block Ad + Social on one and on other I want to block only Ad. I was hoping to get custom alias built by pfblockerng and then use it in firewall rules. Right now I found some IP addresses and then added to the rule - though this is hard to maintain - what is your take? Thanks in advace :)
My PfSense with ngBlocker gives a very severe warning page instead of a 1 pixel page. How can I get a copy of that, or, how would I edit the warning page in the system?
aah, i just got into making soft rn and tNice tutorials is so helpful and your voice is so sootNice tutorialng btw! thanks for tNice tutorials tutorial
is there a good way to change the pixle to display an image of your shoosing all i could find on the forum is that its a selectable feature coming in the next update of dns or blocker, if there is a manual way id love to know.
Tom, Some of the Pi-Hole list entries don't work anymore namely Zeustracker and Hosts file. Can you show us the lists you currently use or point us to the links that we can use?
+Steve Oechsle to my knowledge is not any easy way to do it I'm not sure if they will be updating that in future versions though. But because this is almost pfblockerng her to my knowledge there is no version of that for UniFi or the edge router products
Hello my friend, how are you? What are you using to block files download? I know that you can accomplish that with squid proxy filter using regex, but I do not know any other way to do the same thing. Do you have any suggestion? Thanks.
Works in Hyper-V as well. May fall back on that but virtualizing your router\firewall has it's own issues no matter how you do it. Mainly, rebooting the hypervisor shuts your internet off.
Thanks for the tutorial. It worked but if i change my Prefered DNS server on my PC. All sites were unblocked. How do I block DNS server address coming from the PC.? Thanks
22:22 Gday Could you limit speed of sites, eg youtube and facebook to say 100Kb/sec and get the pfsense box to cache the files locally and send that data via LAN speeds , reducing the speed of the internet but increasing the speed locally so it seems the internet is FAST
With all due respect to free software, pfBlockerNG needs to address some surprisingly absent features to address issues it creates. For instance, it needs to allow the input of DNS txt lists without a server like with IP lists. It's only a txt list so why can't you easily add custom designed DNS txt lists that don't rely on large foreign web lists. Otherwise, you need to be able to edit the accumulated list as well as view it for easy assessment. It also needs to allow changing the 1 pixel to a graphic which shows pfblocker as the blocker to know what it effects vs other restrictors. These simple limitations cause way more effort and complexity than necessary in deployment of an otherwise great concept and in troubleshooting web issues.
Hello Tom, pfblocker is having problem with custom list SSL connections. I added facebook.com to the custom list, and once user visits, SSL cert error appears: "this site is not secure". There are many netgate and other forum entries without clear explanation how this can be fixed. Do you know how to fix it? Can you make a video about it? Thanks!
Hi sir Lawrence, great tutorial! Thank you for this, BTW is it possible to do schedule based blocking for pfblockerng? For example i want to allow specific sites in a time range like 12:00PM to 1:00PM..
thanks for the tutorial tom!!!! i just configure in my pfsense, I just have an error that the hostnet is not updating, but maybe is a server error. grettings from mexico
Hi, good day. I was following the video but I can't get it to work. Im suspecting its the Virtual IP that I used. Your help would be greatly appreciated.
After I install this I keep getting this same errors with several reinstall: "There were error(s) loading the rules: /tmp/rules.debug:24 cannot define table bogons: Cannot allocate memory - The line in question reads [24]: table ..." Also other same errors but for cannot define table pfB_Europe_v4. Why cannot allocate memory which I got 16M?
Hi, I found your video very useful... but I have a question, is there any way to "imitate" squidguard(which I hate) what I mean is... on squidguard I can build different ACLs for my different LAN segments, so for example I want my 10.45.x.x lan to have facebook blocked, but my 10.20.x.x. segment available to use it... and also malware sites blocked for everyone... you think this is possible?, btw what a great video ! thanks for it
thank you for this totoriel! In my case, I want to limit the bandwith per users of group of my LDAP server (AD in windows server 2012 R2)! do you know how can I do it ?
Thank you very much for teaching us how to configure pfblocker DNSBL on pfsense. I have followed your instructions and everything is working perfectly. Best Regards from Catalonia (Spain)
How did you get the black list? Is it possible to use squidguard blacklist in pfblockerng?
Today my neighbor gave me an "old" motherboard and I grabbed some ram and my old SSD and installed pfSense right away, and temporarily replaced my Mikrotik (RB750r2) with it.. I just finished setting pfBlockerNG up, and man.. that's simply amazing.. it even looks like I never turned off my AdBlocker on Chrome! Thank you so much for this tutorial ;)
4:08 Thank you for also stressing that best practice is to block external DNS request and force the network to go through pfSense. Thank you also for demonstrating how to properly and easily apply the Firewall Rule. This is an overall fantastic tutorial.
Just got my Netgate 1100 up and running and this was the first config video I went to! Thanks for the info, now those ads are going away...
i got mine as well around the same time. great fw
Hi sir. I've watched your video about how to block this whole thing using pfblocker it seems I like it much and very informative video. This is what I looking for. I am new in pfsense and I found out that your videos are very resourceful. Keep up the good work sir. God bless
by far the best explained and easy to understand tutorial. subbed.
"not gonna talk about this feature"
the only one I cared for
Great video Tom. Suggestion: Use NAT for DNS; set up NAT rule on LAN that forwards all UDP port 53 traffic to the localhost IP (pfsense). This way, pfsense has all dns traffic and nothing breaks if dns is manually set.
Great idea!
Yes I added those 2 rules into my pfsense for DNS and it worked, but broke my ability to browse my share on my freenas box with my linux file manager. I could still get to it in ssh and my mounts worked, but for some reason my Dolphin file manager failed to connect \\10.x.x.x it would just time out. I turned off the 2 rules and it worked fine.
I do that and works great! Thanks.
Clever!
Sorry, I'm a bit confused. Am I setting the rule to pass or deny the UDP packets as per what you recommended?
It's the oddest thing - the first time I tried this about 6 months ago, it wasn't working properly - oh it worked but DNS resolution was so slow it was unworkable. Now after seeing your other tutorial on running PFSense on XCP-ng where you state to disable checksum offloading, I turned PFBlocker back on without disabling the CO and it works normally. Weird or what? Thanks for making these videos BTW. They are great.
great video! BTW you can whitelist some sites in the DNSBL. You can go to alerts and whitelist the site that is being blocked.
Your explanation and thoroughness of this is fantastic. Love your pacing with it all as well. Thanks for the great video!
Got this up and running in about 10 minutes, took about 5 hours with manual unbound/pihole config on my old setup.
Thank you so much for making this video. You have no idea what a headache you have relieved!!
Love your videos, especially pfSense. I've got my home VMware hosts all up and running and pfSense thanks to you. I just need to setup a cluster now for pfSense, I'm sure you already have a video on that.
Should the Action under PfBlockerNG\IP PRI1 be Deny Outbound or Deny Inbounnd?
very well explained, thank you, is there any way to block streaming websites espacially youtube using pfblockerNG?
DNS over TLS uses port 853, would I need to also set up the same firewall rules along with the ones for port 53 if I’m using pfSense DNS Resolver to do DNS over TLS? Or just rules for 853?
Thanks in advance.
Very nice Video , i need to ask 2 questions. I am running this schema ,internet Pfsense, USG , Un-switch 8port 150w. I tried to block gambling bets etc but nothing with pfBlockerNG-devel . Also i cant see ip lease from Pfsense only the USG is this correct ?Any suggestions ?
Thanks so much for the great video! I am confused on your LANnet DNS rules beginning at 4:48 in the video. What are you specifying for DNS servers for these rules? On your dashboard, DNS Servers listed are: 127.0.0.7; 192.168.3.1 (maybe pfsense box?); 208.67.222.222 (OpenDNS server) and 8.8.4.4 (google).
Can you please explain or direct me to a previous video that specifies what DNS servers you are using and how they tie into the LAN net Rules?
Hi!
I have the same question, were you able to figure out how to set the DNS server?
Hello. thanks for the tutorial. After setting the firewall rules for DNS 52 UDP port, it also blocks the Google services, like GoogleDrive, and so on. It also stops Windows applications like Microsoft Teams. Does this have a solution? I want to allow Google products to run on my Lan.
I am using pfsense 2.6.0
This did not work for me /
I am in an internal network, also I didn't add the dns rules because they ended up blocking everything, and I use a public dns, plus dns over tls, I think that might be stopping me from blocking via dns
Thank you so much. I was specifically looking for the "Pi-Hole lists" part.
Is the list for pi-hole still available? I can't seem to go to the github page as it doesn't exist.
My pass IP rule does not work. Do I have to restart something? I am still blocked. (19:25= -> )
Your tutorial have been a great help setting up my pfsense box.
But now i feel like i am knocking my head agenst a brick wall. I have 2 interfaces bridged and the second one (without an IP) cant talk to the pfsense DNS server despit allowing using rules. Anyone had the dame problem, any clues on solution. As a tempory fix i have set up a NAS to an external DNS server.
is it possible to allow using a MAC address or binding an IP address to a MAC address and allowing that IP/MAC address ??
I watched this tutorial to the end,porn sites etc dosent get blocked with a message or even a pixel but it gets listed on firewall/pfblockerng/alerts and then tab report. its like its sees that i am wanting to access it but no block?. Even at nslookup i still get the ip address of porn site gamble etc. rules are set on the firewall/rules/lan, what i am missing here?
Great tutorial!!! But what if I want to add a specific website to block? Where can I enter the URL? Thanks man.
Thanks for the Video, I have implemented but how would I block say netflix? just one site in addition? Or maybe streaming websites, but not like youtube.
Thanks Tom for the great Tutorial! Please consider the pihole on raspi and pfsense tutorial you mentioned at 11:11 in the video. I currently use a pihole running on raspi at home and want to get that working with my new pfsense box.
Not needed th-cam.com/video/OJ8HHwpGxHw/w-d-xo.html
Is there a way to customize the web server so that you would get your own "block screen" instead of just a black screen?
I had it disabled, was not working before, now working and will continue to use it
Is it possible to specify a list of IP to this rule? Not only for the hole network? How? Thanks in advance.
How can I set it to I only allow my smartphone access a server in my neighborhood from outside it?
Maybe you can guide me, I can block the pages but when I put www. ahead lets me enter the page. What would be the problem?
Do you have a video showing how to edit softs????
I'm a newbie soft soft (20.9) user, and I'm on Mac 10.14. Would you please help about how to select
Not seeing the DNSBL/Feed in 3.0. They they move it some where?
Why do you need the first "allow" rule for port 53? Source=any, destination=lan net. The rule is inbound on lan port. If host there wanted to get to dns server on the lan, it wouldn't be routing thru pfsense it would go direct. So the rule is not needed.
What firewall setup would you use on. A small broadcast studio (TV)?
Wonderful video, thank you!! I had tried to configure this before without fully understand some of the essential options. You covered them all with explanations to boot. Really great material to operate a safer home network.
Hey... Thanks for the tutorial, just have on question... wouldn't the exception rule included at the end be invalid if the machine is allocated another ip address at boot up from yo pfsense system? I believe it would be more effective if the machine was to be assigned a static IP possibly outside the defined range. Cheers.
Hi Lawarence, please need your help in updating my PFsense so that ii can install the packages on my firewall
Love your videos on pfSense. Is there anyway you can zoom to the sections where your typing when your typing? Even when you said let me zoom in, when you were doing NS lookup, it was still so far out. Thanks again for all your pfSense videos...
Is it possible to create a custom redirect page with a message? instead of using the single pixel for those websites
Thanks for the great tutorial, but can i use a custom html web page including a message to be directed to instead of the (1x1) single Pixel? :)
Hi there I hope you can answer a question how would this apply when you would want to block only one user from accessing Facebook for example?
Not how this works, blocking individual users requires a more complex firewall rules that wold have a list of all facebook addresses and then the IP of the device you want to block.
@@LAWRENCESYSTEMS Thanks will look into the rules for the pfsense
Quick question, i'm new to pfsense. Does openDNS already does this? Or is configuring pfblocker better?
This DNSBL Virtual IP is a little confusing. I left it default and saved then realized my network starts with 10. So went back and changed it to a 172. network and saved it. Now doing a nslookup on... example adspeed.net it keeps coming up 10.10.10.1 instead of the 172 network. Can't seem to fix it. What IP should you put in there? Will the default interfere with my 10 network?
Thx good video! Do you think that services like PS Vue won't have troubles with this approach ?
I am probably asking you a difficult question - I have two different interfaces, I want to block Ad + Social on one and on other I want to block only Ad. I was hoping to get custom alias built by pfblockerng and then use it in firewall rules. Right now I found some IP addresses and then added to the rule - though this is hard to maintain - what is your take?
Thanks in advace :)
Hi, What if i want to Block all then whitelist few websites. What would be the best way to do it ? Thanks
How to block all traffic, except selected web sites? (can you white-list DnsBlocker?)
DUDE, I got so frustrated 'cause of that problem, thanks a lot!
My PfSense with ngBlocker gives a very severe warning page instead of a 1 pixel page. How can I get a copy of that, or, how would I edit the warning page in the system?
aah, i just got into making soft rn and tNice tutorials is so helpful and your voice is so sootNice tutorialng btw! thanks for tNice tutorials tutorial
is there a good way to change the pixle to display an image of your shoosing all i could find on the forum is that its a selectable feature coming in the next update of dns or blocker, if there is a manual way id love to know.
is it possible to create diffrent policies for diffrent users like hardware firewall
Is it possible to alter the landing page for blocked domains? So the user sees a "Sorry, this website has been blocked by the firewall" screen?
Hi Sir! Is there a way that I can whitelist an IP on DNSBL? example. I want 10.10.30.2 to access facebook only. Can I whitelist the said IP?
Juste une question, c'est nécessaire d'utiliser en même temps squid et pfblock sous pfsense?
Tom, Some of the Pi-Hole list entries don't work anymore namely Zeustracker and Hosts file. Can you show us the lists you currently use or point us to the links that we can use?
i want to create for particular ip group and some sites blocks in this group.its possible in this.
Any problem using NAT to redirect external DNS to 127.0.0.1? Does that happen before or after the firewall rules?
Hate to chime in...but well done. Thank you for *all* the instructional videos and reviews that you've done.
Very nice and easy to follow. Nice job Sir !
Thanks Tom - very insightful. Do you know if this site-blocking technique is also available in the UBNT Edgerouter-X?
+Steve Oechsle to my knowledge is not any easy way to do it I'm not sure if they will be updating that in future versions though. But because this is almost pfblockerng her to my knowledge there is no version of that for UniFi or the edge router products
Hello my friend, how are you? What are you using to block files download? I know that you can accomplish that with squid proxy filter using regex, but I do not know any other way to do the same thing. Do you have any suggestion? Thanks.
but isn't mim /ssl filtering needed to have clam av scan anything now or else av in squid isn't doing shit????
10:37 - Can you use that Xen fork hypervisor to run pfsense virtually on a box ?
pfsense can be run in a hypervisor. I have tested it with both VirtualBox and XEN. I am sure it works in many others.
Works in Hyper-V as well. May fall back on that but virtualizing your router\firewall has it's own issues no matter how you do it. Mainly, rebooting the hypervisor shuts your internet off.
+Scott Smith guess that's why the auto start is necessary
I don't know if there is any way to prevent pfsense from solving dns pollution and poisoning and reset the connection
excellent video once again. It is just what I was looking for. Thanks
Very informative tutorial, always enjoy your videos! Thank you.
I was able to use squid to filter ssl traffic but this is much easier! Thanks Tom!
If I multiple vlan setup, Should I create the same rules which you created for LAN in all the vlans?
Yes
Great explanations man! Keep up the amazing work man!
Thanks for the tutorial. It worked but if i change my Prefered DNS server on my PC. All sites were unblocked. How do I block DNS server address coming from the PC.? Thanks
Hi! I got curious about if you use a screen capture software, or a streaming software and capturing the output. Which is it?
Whatever he uses he's extraordinarily adept at presenting to a technical audience.
+Scott Smith ;) OBS makes it easy
Cool! Thanks for confirming ;)
At the very least, LTS deserve an extra couple of zeros on the amount of subscribers they currently have.
22:22 Gday Could you limit speed of sites, eg youtube and facebook to say 100Kb/sec and get the pfsense box to cache the files locally and send that data via LAN speeds , reducing the speed of the internet but increasing the speed locally so it seems the internet is FAST
charlie brownau you can cache files using Squid in pfSense. As for limiting download speed of certain sites, sorry can't help you with that.
did they ever find a work around for android chrome?
With all due respect to free software, pfBlockerNG needs to address some surprisingly absent features to address issues it creates. For instance, it needs to allow the input of DNS txt lists without a server like with IP lists. It's only a txt list so why can't you easily add custom designed DNS txt lists that don't rely on large foreign web lists. Otherwise, you need to be able to edit the accumulated list as well as view it for easy assessment. It also needs to allow changing the 1 pixel to a graphic which shows pfblocker as the blocker to know what it effects vs other restrictors. These simple limitations cause way more effort and complexity than necessary in deployment of an otherwise great concept and in troubleshooting web issues.
Hello Tom, pfblocker is having problem with custom list SSL connections. I added facebook.com to the custom list, and once user visits, SSL cert error appears: "this site is not secure". There are many netgate and other forum entries without clear explanation how this can be fixed.
Do you know how to fix it? Can you make a video about it?
Thanks!
Hi sir Lawrence, great tutorial! Thank you for this, BTW is it possible to do schedule based blocking for pfblockerng? For example i want to allow specific sites in a time range like 12:00PM to 1:00PM..
You could probably create time rules under the firewall settings for each rule related to pfblocker
Can opnsense do this as effectively and easily? I was going to go with opnsense but this looks like a good feature.
This package is not available in OPNsense.
Wow what timing . I am making a cheap DIY Linux router box using pfsense using ITX ECS AM1 system + 4 port gig nic + 8 gig of RAM + 32 gig SSD
Thanks a lot for making this video.
Could you also make a video on how to add a custom domain not on the list to be blocked?
thanks for the tutorial tom!!!! i just configure in my pfsense, I just have an error that the hostnet is not updating, but maybe is a server error. grettings from mexico
Hi Tom, how do you perform blocking for a custom domain list? Thank you.
You could build the list as an alias.
Hi, good day. I was following the video but I can't get it to work. Im suspecting its the Virtual IP that I used. Your help would be greatly appreciated.
very informative and easy to implement . thanks bro ,you did great job .
when using Browsec extension we can bypass this roles so Is there any solution for that whit pfsense?? i speak about proxi extension or apps
So I find by adding a single host as the Destination Ip of pfsense it works as well. No block rule either.
HI, Larence very good video. Could you please tell how to put a blocking webpage instead of the pixel ..
When a page is blocked you get he pixel
After I install this I keep getting this same errors with several reinstall: "There were error(s) loading the rules: /tmp/rules.debug:24 cannot define table bogons: Cannot allocate memory - The line in question reads [24]: table ..." Also other same errors but for cannot define table pfB_Europe_v4. Why cannot allocate memory which I got 16M?
Does this intercept DNS? So if a computer on your network is set to use 8.8.8.8 as their DNS, does this still work?
Not by default but it can be configured to do so docs.netgate.com/pfsense/en/latest/recipes/dns-redirect.html
19:12 Gday. Can you just block EVERYTHING and then manually whitelist stuff ?
You can if you use SquidGuard, you create a white list then change the default action to be a deny,
Hi, I found your video very useful... but I have a question, is there any way to "imitate" squidguard(which I hate) what I mean is... on squidguard I can build different ACLs for my different LAN segments, so for example I want my 10.45.x.x lan to have facebook blocked, but my 10.20.x.x. segment available to use it... and also malware sites blocked for everyone... you think this is possible?, btw what a great video ! thanks for it
thank you for this totoriel!
In my case, I want to limit the bandwith per users of group of my LDAP server (AD in windows server 2012 R2)! do you know how can I do it ?
Do i have to use different DNS server than PFSense for this to work?
This is a very handy pfsense video. Thanks for sharing.