Here is a simple way to block ad's for you entire network using pfSense, this is easy as editing the host file on a machine. (You must be using pfsense as your router or configure your router to use the IP of your pfsense server as the DNS server.)
Login to pfSense: Go to "Services", then "DNS Forwarder" and paste the Ad sites you would like to block in the following format under "Advanced":
address=/<url-here>/<ip-here>
So to block smartclip.net for example, enter the following
address=/smartclip.net/127.0.0.1
Note: This entry above will block *.smartclip.net by pointing it back to your local machine. For example that line will block www.smartclip.net, test.smartclip.net, etc. It's like a DNS Wildcard.
Normally the following URL would resolve as follows:
nslookup test.smartclip.net
Name: test.smartclip.net
Address: 78.46.98.112
nslookup www.smartclip.net
Name: www.smartclip.net
Address: 213.203.209.152
By adding the line address=/smartclip.net/127.0.0.1, the nslookup now returns the following:
Name: test.smartclip.net
Address: 127.0.0.1
Name: www.smartclip.net
Address: 127.0.0.1
Login to pfSense: Go to "Services", then "DNS Forwarder" and paste the Ad sites you would like to block in the following format under "Advanced":
address=/<url-here>/<ip-here>
So to block smartclip.net for example, enter the following
address=/smartclip.net/127.0.0.1
Note: This entry above will block *.smartclip.net by pointing it back to your local machine. For example that line will block www.smartclip.net, test.smartclip.net, etc. It's like a DNS Wildcard.
Normally the following URL would resolve as follows:
nslookup test.smartclip.net
Name: test.smartclip.net
Address: 78.46.98.112
nslookup www.smartclip.net
Name: www.smartclip.net
Address: 213.203.209.152
By adding the line address=/smartclip.net/127.0.0.1, the nslookup now returns the following:
Name: test.smartclip.net
Address: 127.0.0.1
Name: www.smartclip.net
Address: 127.0.0.1
No comments:
Post a Comment
Thanks for your input.