pfSense pfBlockerNG DNSBL Multiple DNSBL Profiles

Morning all,

I have been using Pi-hole DNS for several years now to help with the lack of features in UniFi routing. After watching many of Tom’s pfSense videos I decided to pull the trigger on a Netgate 6100. Since the 6100s are on BO, I’ve installed it on an old Dell PE2950 server. I realize 2 dual-core Xeons and 32GB of RAM is a bit of overkill, but I was not using it and it has a 10GbE NIC, so all of my VLANs are sharing one 10Gb connection to my switch.

I would like to move all of my DNS to the pfSense once I get the 6100, since it is way more energy efficient and it will help keep the internet going longer when the power goes out; my current Pi-hole servers run on XCP-NG and they shut down when the power goes out.

Here is the question: in Pi-hole you can assign different hosts or subnets to different blacklist groups and then treat them differently.

Ex.: the Kids’ and IoT WiFi VLANs are more restricted than the one my wife and I use.

Currently the only way I have found to partially achieve this goal is to use pfBlockerNG for DNS on the Kids’ and IoT VLANs and assign the Pi-hole DNS servers through DHCP on the WiFi VLAN that the wife and I use.

Is there any way to have different DNSBL profiles on a VLAN or host basis?

No. DNSBL can’t do different filtering for different groups of devices the way Pi-hole can. I would recommend getting an actual Raspberry Pi and running Pi-hole on that and using a battery backup. It will be very energy efficient. Also, in Pi-hole you can use regex for filtering, which DNSBL doesn’t do either. I personally use a Pi-hole for one home subnet and pass everything up to pfSense for basic filtering for all of my subnets.