snork.ca ... making kittens cry since 2001
homeabouttoscanaryrssmansvalidatecontact

pfSense Alias URL Tables 2013-12-27


This is kind of an update to this post.

In short, I just wanted to maintain a list of "bad people" so that they would not be able to access my web site. The truth of the matter is that these "bad people" are in fact server farms with shitware on them that are looking for vulnerabilities in my WordPress installation. By making a URL Table Alias in pfSense I am able to tell my firewall to block any incoming web traffic coming from these networks.

The problem I had was that the list was not updating very frequently. pfSense updates these lists every 32 days by default and the quickest you can set it to is 1 day. Unfortunately, pfSense also seems to be confused about whether or not there are changes sometimes. So based on some information I found in a few different forums posts I decided to just manually update it (and force the update of my personal list)… here's how.

When you create an alias there is a cron job that runs /etc/rc.update_urltables every day at 12:30 to update it. If you have the cron package installed in pfSense you'll be able to see that. Using the "Edit File" feature of the pfSense GUI I just copied the contents of this file in to a new file called /etc/rc.update_urltables_forced. Then I added a line to the script that says

unlink("/var/db/aliastables/Hosted.txt");

The alias I created is actually called "Hosted" which is why the above file name is used. This basically deletes the current list and will of course force an update rather than just saying it doesn't need to update. Finally I created a cron job that runs this at 13 minutes after the hour and 43 minutes after the hour for every hour of the day. Now, let's see if my list gets updated a little more frequently eh.

goodnews Futurama reference eh.

Made using Notepad++ & FastStone. Hosted on Debian with nginx & php. Powered by North Korean mushrooms.