Huwebes, Enero 29, 2015

Pfsense: anti-bypass OPEN DNS

Read and follow the instruction

OPENDNS is a internet filtering servcies which help you to block access to websites but there are so many ways to bypass opendns. So in this tutorial will help you not to be bypass by the computer geeks.

Pfsense tutorial


Note: This is the setup of our anti-bypass. Please oberserved and analyze the image provided below.
Make the sure that the rule we created is below or next to ANTI-LOCK OUT RULE. If you are not following instruction the rule created will have no effect. Again it should be next to anti-lock out rule.

sample image below: (final setup)









1.) Open Pfsense web gui go to Firewall ->  Rules -> Lan. Click + to add new rule.
     Create PASS rule.

*** Action: Pass
*** Interface: Lan
*** TPC/IP Version: IPv4
*** Protocol: TCP/UDP
*** Destination:  Lan address
*** Other: 53
*** Save

sample image below


















2.) Create another rule for blocking External DNS. Click + add new rule.
     Create BLOCK rule.

*** Action: Pass
*** Interface: Lan
*** TPC/IP Version: IPv4
*** Protocol: TCP/UDP
*** Destination: Any
*** Other: 53
*** Save

sample image below




















Note: All tutorial is tested before posted. If you have a problem regarding the tutorial please comment below. Spoonfeederz will do the best to help you. Thank you

Miyerkules, Enero 28, 2015

Pfsense: BandwidthD

Read and follow the instruction

Pfsense Tutorial

BandwidthD is a graphical report for the TOP 20 Ips by Traffic.
You can generate report by daily ,weekly,monthly and yearly result.


1.) Open you Pfsense web gui and go to System -> Packages , look for BandwidthD and click + at            the right side to install the package.

sample image below













2.) Go to Services -> BandwidthD

*** Enable bandwidth :  check
*** Interface:  Lan 
*** Graph cutoff :  1024     
*** Draw Graphs :  check
*** Then Save

sample image below























3.) after your done wait for 5 minutes before generating a report.
     If you want to generate report just click ACESS BANDWIDTHD tab

sample image below













Note: All tutorial is tested before posted. If you have a problem regarding the tutorial please comment below. Spoonfeederz will the best to help you in your problem. Thank you.

Lunes, Enero 19, 2015

Pfsense: block website using SQUID + SQUIDGUARD

Read and follow the instruction

Pfsense has a package of squid and squidguard which can help you filter web browsing and blocking websites using shallalist blacklist.

Pfsense Tutorial

1.) Install SQUID and SQUIDGUARD
1.1) Open your Pfsense web gui
1.2) Go to System -> Packages
1.3) Look for your squid and squidguard
1.4) Click + at the right side to install the package

sample image below












2.) Go to Services -> Proxy Server after completing the installation to configure squid

*** Proxy Interface: Lan
*** Allow users on interface: Check
*** Transparent Proxy: Check
*** Save

sample image below




















3.) Go to Services -> Proxy Filter to configure squidguard

*** Enable GUI log: Check
*** Enable log: Check
*** Blacklist: Check
*** Copy and Paste this link  http://www.shallalist.de/Downloads/shallalist.tar.gz 
       in blacklist url
*** Save

see image sample

















4.) Go to Blacklist tab and click download

see image sample










5.) Go to Common ACL tab click Target Rules
5.1) After Clicking Target Rules, you will see the different Target Categories
5.2) Deny all you want.
5.3) At the bottom you will Default Access make it "Allow"
5.4) then Save

sample image below 5.1



[






sample image below 5.3





6.) Go to General Settings tab

*** Check to enable
*** Click apply
*** Save

sample image below











Lunes, Enero 12, 2015

Pfsense: block FACEBOOK.COM (https/http)

Read and follow the instruction

Pfsense Tutorial

Blocking  facebook has so many ways but this is one of the best and perfect for your problem. Just copy and paste the collection of IP's I provided below.

1.) Create Aliases name as 'fbblock'
2.) Copy and paste the IP's provided below and click Save

204.15.20.0/22
69.63.176.0/20
66.220.144.0/20
66.220.144.0/21
69.63.184.0/21
69.63.176.0/21
74.119.76.0/22
69.171.255.0/24
173.252.64.0/18
69.171.224.0/19
69.171.224.0/20
103.4.96.0/22
69.63.176.0/24
173.252.64.0/19
173.252.70.0/24
31.13.64.0/18
31.13.24.0/21
66.220.152.0/21
66.220.159.0/24
69.171.239.0/24
69.171.240.0/20
31.13.64.0/19
31.13.64.0/24
31.13.65.0/24
31.13.67.0/24
31.13.68.0/24
31.13.69.0/24
31.13.70.0/24
31.13.71.0/24
31.13.72.0/24
31.13.73.0/24
31.13.74.0/24
31.13.75.0/24
31.13.76.0/24
31.13.77.0/24
31.13.96.0/19
31.13.66.0/24
173.252.96.0/19
69.63.178.0/24
31.13.78.0/24
31.13.79.0/24
31.13.80.0/24
31.13.82.0/24
31.13.83.0/24
31.13.84.0/24
31.13.85.0/24
31.13.86.0/24
31.13.87.0/24
31.13.88.0/24
31.13.89.0/24
31.13.90.0/24
31.13.91.0/24
31.13.92.0/24
31.13.93.0/24
31.13.94.0/24
31.13.95.0/24
69.171.253.0/24
69.63.186.0/24
31.13.81.0/24
179.60.192.0/22
179.60.192.0/24
179.60.193.0/24
179.60.194.0/24
179.60.195.0/24
185.60.216.0/22
45.64.40.0/22


sample image below





3.) Go to Firewall -> Rule and Create Rule for Lan

*** Action: Reject
*** Interface: Lan
*** Protocol: any
*** Destination: Single host or alias ::: "fbblock"
*** Save

see image


Pfsense: block YOUTUBE.COM (https/http) using OPENDNS


Read and Follow the instructions

Youtube Domain is one of the websites that cannot easily be block . If you block youtube using IP's the google or google apps (ex:gmail,google search engine) will be affected because these domains are sharing IP's. This tutorial will help you to make your blocking easily.

Pfsense tutorial

1.) Register to OPENDNS.COM
2.) Activate your OPENDNS account in your email you provide
3.) Log-in your account to OPENDNS.COM
4.) Add a network using your IP Address  

sample image below:















4.) Double click  IP then you will be redirected to Web Content Filtering page. Select all you want to       block. After selecting categories click "APPLY".

sample image below:



5.) Go to your Pfsense proceed to System -> General Setup
5.1) Replace the DNS using OPENDNS DNS Server and "Use Gateway" is your wan address.
5.2) Uncheck the "allow DNS server list to be overridden by DHCP/PPP on WAN "
5.3) Save

sample image for 5.1 below: OPENDNS DNS Server





sample image for all step 5




















6.) Download and Install OPENDNS Updater, to be able to determine that your OPENDNS and            Pfsense are connected. If "Using OPENDNS?" is your updater is "YES" then it is successfully              connected.

sample image below:




















7.) Try it now!!! Sample site is youtube.com.

sample image below
Note: You can customize your blocking page in OPENDNS.
ex. Changing OPENDNS to your logo.