How to block website categories using pfBlockerNG

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

welcome to another technology video so today we're going to be showing you how we use the dnsbl category lists that are built into pf sense and how you can utilize some of those categories to block categories of websites that you don't want people accessing so in this instance we're going to be talking specifically about gambling and casino websites so as you can see here we have got our gambling website we can access it without any problems at all let's open up another one bit victor for instance so as you can see here these are up and running and we want to block access to them so how do we go about that well the first thing you want to do is you want to log on to your pf sense device locally as you can see here under the pf blocker ng we don't have our block lists at the moment we've got the basics that we've run through in previous videos to block um our various lists that we're using so to add specific um website categories to block then what you want to do is the first thing you want to do is you want to go to your firewall options and then pf blocker ng and the most important thing is we want to block top level domain so we want to go to dnsbl on our list here and then we want to enable tld we want to scroll down and we want to save that we don't need to do anything else for any any other parts on this page any configuration or anything we just need to save our tld options which is there second thing you want to do the next part you want to do is you want to go to your dnsbl categories and you want to select your blacklist category to enable and then you want to select whichever list that you want to use here now to do that you just click on whichever list that you want but in our instance we want to actually enable both lists so we click on both of them so they turn gray and we want to uh update how often do we want to do wanna update them so these are quite static lists they don't get updated a huge amount but we are going to select um weekly to update those lists and then we won't actually come into the list itself so let's have a look at the shallow list and the only category that i am interested in blocking in here is gambling and casino there are a whole load of other stuff so just pick whichever categories that you want to block um but we also use some of the other categories in the ut1 list this is quite a useful uh list as well so we actually go through and we're going to block up we're going to block gambling and casino in here but we're also going to block a couple of other ones we're going to block phishing for added security and we are also going to block um if i can find it uh so malware wherever that is phishing and malware so these are known websites that deliver malware payloads and also phishing websites is another good one that you want to block and once you've selected your lists you want to click on save so that's all the configuration that you need to do there now if you've noticed that once you've selected those you want to go through and update it because it's not going to update on its own unless you go to the update option and the update option we always choose the reload because that's what that does it reloads all of the lists it recompiles everything in my opinion it's the best way of doing this you can use update for just your lists but because we've made significant configuration changes especially with the tld option we want to click on the reload and then we'll have a look at that to see what's happening so that'll then download the latest lists as you can see here we've got the gambling list we've got uh the ut1 gambling list we've got the malware list here as well and we've got our fishing list so those are downloading that's going to recompile the dnspl database and then that is all there is to that part and then what we're going to do is while that's downloading you can um open up a ssh window to your device [Music] and log on and we'll let this list update finish in the background but what we can do is once we are on our pf sense box we can um effectively what you can do is the block list the standard block list that comes or the standard block page that comes with pfsense if you want to add your own block page then this option gives you the ability to do that so you can create your own block page and then you can load it onto pfsense and once our tld analysis is finished down the bottom here i'll show you how you can do that so the easiest way is to um find your find the page that's already in place on your pf sense device and then highlight the content add it into a notepad editor and then you can change and amend it as you see fit and then you can load it back onto the pf sense device after that so the tld um update does take a bit of time because there's an awful lot of work for it to do he needs to go through all of the lists and compile its analysis the nice thing about pf blocker ng takes care of all the duplicates so it'll go through all of the lists remove any of the duplicates so you don't double up and stuff and it trims all of your all of your lists once your tld has been finalized any database has been updated it's obviously gonna unload the dns server and then reload the configuration back or as it's known in pfsense the unbound resolver okay so that's completed then it's just going to go through and compile all the ip lists as well ipv6 if you use it in our case just ipv4 okay so that's now completed that's everything done um it's completed all of the uh all of the lists that we wanted to block this one here those two there and that's uh that's now added to all of the lists updates so if you head back to dnsbl and you scroll down you can see here that it's using the dnsbl underscore default.php block web page if you highlight the uh the location here copy that we go back to our putty session and then we can go in we want to access the shell option so that is an option in here you won't be able to do it directly so yeah you actually have to go into the shell number eight is the shell and now we can find our location so all we're doing is we're pasting the location that we copied from our pf sense gui now if we have a look what's in here as you can see here the dnsbl default file is the blocked web page so if we cut that web page that will give you the code here and then all you need to do is highlight the code like so open up your editor [Music] and then paste your configuration here and you can amend your configuration um as you see fit create your own block web page and then once you've done that you would come back to your pfsense box you can create your new file so you can for instance you can call it a different name save it into this location and then when you come back here and you reload your page your block page will be presented in here we're just going to select the default block page for now but that's how you create your own block page so the next thing you want to do is you want to come back to your main screen gui and just double check that your lists or your category lists have appeared in your dnsbl configuration um and you can see it in your lists here so you can see here we've got the shell our list comprising of 14 000 and then the ut1 ut1 list of 123 000 so this is not only the gambling websites it's the malware and the fishing category as well which is why that one's higher okay so now let's go back and see if we can get to those websites so i think it was the first one we used with fred let's see if we can get to that we might still be able to get to it because it might still be holding a session open but as you can see here actually it's not allowing us to get there and we're getting a block let's just try and get to another website let's try 888.com see if we can get to that so that's blocked straight away um and so that's all there is to it really so your categories of websites are now blocks now the reason i've used both of them here so as you can see here all the all the stuff that i've tested so far is on the shallow list the reason i've also added gambling on the ut1 list is if there's anything in the ut1 list that isn't covered by the shallow list then that's going to do a mop-up job it's going to pick up any additional websites if those are on the ut1 list and they're not on this sharla list as well so that tells you it gives you a bit of extra reliance making sure that the lists are covered now what about if you find that there's something on there that isn't in those lists well the best way to do that would be actually to go to the uh ut1 area or the shallow list area on the internet and then request that those are actually added into the categories which you can do so that's all there is to it really that's a way of protecting your home users or your business users from accessing websites that you don't want them to if you found that useful give it a thumbs up don't forget to subscribe to the channel if you've got any questions leave them in the comments below and we'll get back to you on those thanks for watching you

Info

Channel: Frimley Computing

Views: 6,482

Rating: undefined out of 5

Keywords: block websites, website categories, pfSense, pfBlockerNG, block malware, block phishing, block porn, adult content, shallalist, ut1

Id: luXhXisoWhA

Channel Id: undefined

Length: 12min 26sec (746 seconds)

Published: Sun Aug 30 2020