pfSense गाइड

Is guide ka upyog karke pfSense me URL Table aliases ke through Cybora integrate karein. Native pfSense me ye external IP-based threat feed ko consume karne aur firewall rules me apply karne ka sabse direct tarika hai.

What pfSense can do with a Cybora feed

  • pfSense remote IP-based feeds ko URL Table aliases me load kar sakta hai.
  • Alias ko firewall rules me wahan use kiya ja sakta hai jahan network alias support hota hai.
  • Ye native workflow IP-based Cybora feeds ke liye best hai.
  • Native pfSense URL Table aliases day-based schedule par refresh hote hain, isliye ye daily retrieval ke liye zyada suitable hain, very frequent updates ke liye nahi.

Before you start

  • Aisi pfSense release use karein jo URL Table aliases support karti ho.
  • Ensure karein ki firewall Cybora feed URL ko HTTPS ke through reach kar sake.
  • IP-based Cybora feed use karein, kyunki native URL Table alias workflow remote IP/network data ke liye bana hai.
  • Feed plain text me rakhein, ek IP, subnet ya range per line.

Create the alias

  1. Firewall > Aliases par jayen aur naya alias add karein.
  2. Alias ka clear naam aur description dein.
  3. Type ko URL Table (IPs) par set karein.
  4. Cybora feed URL ko URL field me paste karein.
  5. Update interval set karein. Native pfSense URL Table aliases me refresh cadence day-based hoti hai. Aisa value chunen jo aapke Cybora plan ke andar ho aur feed ko plan se zyada frequently query na karein. Allowed interval ke andar sirf ek request permitted hai. Excessive polling ki wajah se feed block ho sakta hai.
  6. Alias save karein aur apply karein.

Apply the alias in firewall rules

  1. Wahi firewall rule kholen jahan aap imported indicators ko enforce karna chahte hain.
  2. Cybora alias ko source ya destination ke roop me use karein.
  3. Rule action ko is tarah set karein ki matching traffic expected tarike se block ya reject ho.
  4. Rule par logging enable karein taaki matches later confirm kiye ja sakein.
  5. Firewall changes apply karein.

Validation

  1. Alias khol kar confirm karein ki remote content successfully fetch hua hai.
  2. Verify karein ki alias intended firewall rule me dikh raha hai.
  3. Firewall logs review karke confirm karein ki matching traffic us rule se block ho raha hai jo alias ko reference karta hai.
  4. Zarurat padne par alias table contents check karein taaki expected indicators present hon.

Further reading

इंटीग्रेशंस पर वापस जाएँ