this post was submitted on 04 Oct 2025
14 points (100.0% liked)

Selfhosted

52489 readers
1212 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Hi, a few years ago I installed pfBlockerNG on my pfSense router. I currently have 2.8.1-RELEASE (amd64) running with pfBlockerNG 3.2.10 installed.

Under Firewall->pfBlockerNG->IP->IPv4 I have a WLAN_EGRESS list that I use to instruct the router to not route my traffic through my VPN so that I avoid my bank and email servers complaining that I'm using a VPN.

I try to use the ASN functionality but I may not understand how this works because my email provider ARUBA keeps sending me emails that suggest my account has been compromised. Plus, my SMTP server (smtps.aruba.it) will not allow connecting if I'm going through my VPN.

In my WLAN_EGRESS, I have a whois rule against "ifconfig.co" and when I visit this page, it indeed shows my ISP IP, which is what its meant to be doing. SO i thought I would create many rules, one for each ASN against Aruba, thinking it would allow me to circumvent the VPN when routing traffic to my Aruba IMAPS and SMPTS servers. But no luck.

I also keep getting messages from pfSense that say " pfBlockerNG ASN - To utilize the ASN functionality, you must register for a free IPinfo Account. Review IP Tab for more information. @ 2025-10-04 00:10:23" I believe I don't require such account to get this working do I?

you are viewing a single comment's thread
view the rest of the comments
[–] liliumstar@lemmy.dbzer0.com 4 points 2 weeks ago (1 children)

I'm guessing that pfBlockerNG is using the IPInfo database to query what IPs the ASNs own, so I think it would be required. ASNs are not static, so it wouldn't make sense to ship a database of them, it would immediately be outdated.

[–] trilobite@lemmy.ml 1 points 2 weeks ago

Yeah, seems like the registration to IPinfo is required so that you can download a token which then allow pfBlockerNG to download the ASN database. I've just registered to IPinfo and it seems like (unless its a false alarm) that it now works.

However, I've also learned that all the ARUB ASNs I had didn't include the SMPTS server I was using.

Basically, I did an nslookup smtps.aruba.it, got the IP and then did a search for the ASN using Team Cymru IP to ASN Lookup v1.0 here https://asn.cymru.com/cgi-bin/whois.cgi to find the ASN. I then copied the ASN in the WAN_EGRESS list and bingo its working.