pfBlockerNG and using ASNs ... maybe I don't understand them ...
from trilobite@lemmy.ml to selfhosted@lemmy.world on 04 Oct 06:51
https://lemmy.ml/post/37069858

Hi, a few years ago I installed pfBlockerNG on my pfSense router. I currently have 2.8.1-RELEASE (amd64) running with pfBlockerNG 3.2.10 installed.

Under Firewall->pfBlockerNG->IP->IPv4 I have a WLAN_EGRESS list that I use to instruct the router to not route my traffic through my VPN so that I avoid my bank and email servers complaining that I’m using a VPN.

I try to use the ASN functionality but I may not understand how this works because my email provider ARUBA keeps sending me emails that suggest my account has been compromised. Plus, my SMTP server (smtps.aruba.it) will not allow connecting if I’m going through my VPN.

In my WLAN_EGRESS, I have a whois rule against “ifconfig.co” and when I visit this page, it indeed shows my ISP IP, which is what it’s meant to be doing. So I thought I would create many rules, one for each ASN against Aruba, thinking it would allow me to circumvent the VPN when routing traffic to my Aruba IMAPS and SMTPS servers. But no luck.

I also keep getting messages from pfSense that say "pfBlockerNG ASN - To utilize the ASN functionality, you must register for a free IPinfo Account. Review IP Tab for more information. @ 2025-10-04 00:10:23". I believe I don’t require such an account to get this working, do I?

#selfhosted


liliumstar@lemmy.dbzer0.com on 04 Oct 06:59

I’m guessing that pfBlockerNG is using the IPInfo database to query what IPs the ASNs own, so I think it would be required. ASNs are not static, so it wouldn’t make sense to ship a database of them; it would immediately be outdated.

trilobite@lemmy.ml on 04 Oct 08:02

Yeah, seems like the registration to IPinfo is required so that you can download a token which then allows pfBlockerNG to download the ASN database. I’ve just registered to IPinfo and it seems like (unless it’s a false alarm) that it now works.

However, I’ve also learned that all the ARUBA ASNs I had didn’t include the SMTPS server I was using.

Basically, I did an nslookup smtps.aruba.it, got the IP and then did a search for the ASN using Team Cymru IP to ASN Lookup v1.0 here asn.cymru.com/cgi-bin/whois.cgi to find the ASN. I then copied the ASN into the WAN_EGRESS list and bingo, it’s working.
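
Added example, not part of the thread: a Python check for the gap found above, where a host's IP is announced by an ASN that is missing from the bypass list. It uses Team Cymru's DNS interface (origin.asn.cymru.com) instead of the web form mentioned in the post. The hostnames, private-use ASNs, documentation prefixes and TXT answers are constructed sample data.

```python
import ipaddress

def cymru_origin_qname(ip):
    """TXT query name for Team Cymru's DNS IP-to-ASN service (IPv4 only)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".origin.asn.cymru.com"

def parse_origin_txt(txt):
    """Parse 'ASN | prefix | CC | registry | allocated' -> (asns, network)."""
    fields = [f.strip() for f in txt.strip().strip('"').split("|")]
    asns = [int(a) for a in fields[0].split()]  # a prefix can have several origins
    return asns, ipaddress.ip_network(fields[1])

def uncovered(resolved, txt_answers, alias_asns):
    """Map each host whose IP originates outside alias_asns to (ip, asns)."""
    missing = {}
    for host, ip in resolved.items():
        asns, net = parse_origin_txt(txt_answers[cymru_origin_qname(ip)])
        if ipaddress.ip_address(ip) not in net:
            raise ValueError(f"{ip} is not inside the returned prefix {net}")
        if not set(asns) & set(alias_asns):
            missing[host] = (ip, asns)
    return missing

# Constructed sample data: private-use ASNs, documentation address ranges.
ALIAS_ASNS = {64512, 64513}            # ASNs entered in the bypass list
RESOLVED = {                           # what nslookup would have returned
    "imaps.mail.example": "192.0.2.25",
    "smtps.mail.example": "198.51.100.7",
}
TXT_ANSWERS = {                        # as from: dig +short TXT <query name>
    "25.2.0.192.origin.asn.cymru.com":
        '"64512 | 192.0.2.0/24 | IT | ripencc | 2010-01-01"',
    "7.100.51.198.origin.asn.cymru.com":
        '"64999 | 198.51.100.0/24 | IT | ripencc | 2012-06-15"',
}

if __name__ == "__main__":
    for host, (ip, asns) in uncovered(RESOLVED, TXT_ANSWERS, ALIAS_ASNS).items():
        print(f"{host} ({ip}) originates from AS{asns}, not in the alias list")
```

Any host it reports would still follow the default VPN route until its ASN (or the returned prefix) is added to the list.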