Differences

This shows you the differences between two versions of the page.

--- pfsense:pfblockerng:install_pfblockerng:setup_dnsbl_blocking [2021/01/28 10:45] – peter
+++ pfsense:pfblockerng:install_pfblockerng:setup_dnsbl_blocking [2023/04/22 09:22] (current) – [Enable DNSBL] peter
@@ Line 3: / Line 3: @@
 ===== Enable DNSBL =====
-Navigate to **Firewall -> pfBlockerNG -> DNSBL** and check the box for **Enable DNSBL**.
+Navigate to **Firewall -> pfBlockerNG -> DNSBL**.
-Optionally, if you have a lot of RAM, you can also enable **TLD**.  This setting enables additional processing to block ALL sub-domains for advanced blocking.  For example, a list with sharewiz.net would also result in blog.sharewiz.net also being blocked if TLD is enabled.
+In **DNSBL**:
+  * Enable DNSBL:  **Checked**.
+  * Wildcard Blocking (TLD):  **Checked**.
+<WRAP warning>
+**WARNING:**  Wildcard Blocking (TLD) uses a lot of RAM.
+Do not enable this on systems with less than 8GB RAM!
+This setting enables additional processing to block ALL sub-domains for advanced blocking.
+For example, a list with sharewiz.net would also result in blog.sharewiz.net also being blocked if TLD is enabled.
+</WRAP>
 {{:pfsense:pfblockerng:pfsense_pfblockerng_dnsbl_tld.png?800|}}
-Locate the **DNSBL Webserver Configuration** section:
+----
+In **DNSBL Webserver Configuration**:
   * Virtual IP Address: **10.10.10.1**.  This is the default IP address and should be fine.  Only change if needed.  Enter an IP address that is not in your internal networks, something like 10.10.10.10.
@@ Line 19: / Line 35: @@
 {{:pfsense:pfblockerng:pfsense_pfblockerng_dnsbl_webserver_configuration.png?800|}}
+----
+In **DNSBL Configuration**:
+  * Permit Firewall Rules:  **Checked**.
-Locate **Permit Firewall Rules** within the **DNSBL Configuration** section:
+<WRAP info>
+**NOTE:**
   * If you ONLY have one LAN interface, leave this setting unchecked.
   * If you have multiple LAN interfaces, check this setting and select each interface to protect.
+</WRAP>
   * Scroll to the bottom of the page and click the **Save** button.
 {{:pfsense:pfblockerng:pfsense_pfblockerng_dnsbl_permit_firewall_rules_multiple_lans.png?800|}}
+----
+In **DNSBL Whitelist**:
-Locate the **DNSBL Whitelist** Section:
+  * See [[PFSense:pfBlockerNG:DNSBL:DNSBL Whitelist|DNSBL Whitelist]].
-  * See [[PFSense:pfBlockerNG:DNSBL Whitelist|DNSBL Whitelist]].
   * Enter the following white-list domains and modify as you like:
   * <code>
@@ Line 67: / Line 92: @@
 </code>
+----
-Locate **DNSBL IPs** section:
+In **DNSBL IPs**:
   * List Action: **Deny Both**.
@@ Line 91: / Line 117: @@
 {{:pfsense:pfblockerng:pfsense_pfblockerng_feeds_dnsbl_category_easylist.png?800|}}
+<WRAP info>
+**NOTE:**  See:  [[PFSense:pfBlockerNG:Add DNSBL Feeds|Add DNSBL Feeds]].
+</WRAP>
+----
 Set EasyList Feeds to:
@@ Line 128: / Line 160: @@
 {{:pfsense:pfblockerng:pfsense_pfblockerng_feeds_dnsbl_pi_hole.png?800|}}
+----
+Return to [[PFSense:pfBlockerNG:Install pfBlockerNG|Install pfBlockerNG]] or continue to [[PFSense:pfBlockerNG:Install pfBlockerNG:Update Blocking Lists|Update Blocking Lists]].
+----