Difference between revisions of "PFSense and OPNsense"

From Free Knowledge Base- The DUCK Project: information for everyone
Jump to: navigation, search
(Created page with "== blocking websites == via dns: If the built in DNS Forwarder or DNS Resolver are in use, an override can be configured which will resolve the website to block to an invalid...")
 
Line 7: Line 7:
  
 
This is not a feasible solution for sites that return low TTLs and spread the load across many servers.
 
This is not a feasible solution for sites that return low TTLs and spread the load across many servers.
 +
 +
A hostname may be entered in a network alias, and then that alias may be applied to a block rule.
 +
 +
Another option is finding all of a site's IP blocks, creating an alias with those networks, and blocking traffic to those destinations.

Revision as of 11:38, 25 January 2016

blocking websites

via dns:

If the built in DNS Forwarder or DNS Resolver are in use, an override can be configured which will resolve the website to block to an invalid IP address.

via firewall rule:

This is not a feasible solution for sites that return low TTLs and spread the load across many servers.

A hostname may be entered in a network alias, and then that alias may be applied to a block rule.

Another option is finding all of a site's IP blocks, creating an alias with those networks, and blocking traffic to those destinations.