How to Apply Different Whitelists to Different Networks using PFBlocker

Hi everyone,

I’ve been browsing the forum but haven’t found a solution that fits my specific needs. I’m in the process of starting a grocery store and I’d like to implement PF blocker in the following way:

  1. Apply standard filters to all corporate, data center, and guest networks to block inappropriate content (e.g., pornography).

  2. For PCI networks, I’d like a default “block all” setting, with allowances only for explicitly defined sites or services.

I’ve managed to get started using IPv4 custom lists, but I’m facing a challenge. I need to allow certain wildcard domains for Windows updates and other patch management requirements. I know that wildcard domain blocking generally falls under DNSBL, but I couldn’t figure out how to apply certain lists to specific networks.

How can I achieve this while maintaining a separate policy for the PCI VLAN?

Any guidance would be greatly appreciated.

I am not aware of any way to do that with pfSense other than creating alias lists for each network, which would probably be tedious to maintain.

What you can do is enable the feeds for all your VLANs but set the feeds to be aliases. Then you can apply each alias (feed) to the proper VLAN.