Netgate pfSense® Firewall Out-of-the-box Response Integration

This integration lets you generate integration URLs with customized lists according to the needs of your organization. With Threat Types lists, you can define the type of adversary to be included in your lists.

To learn more about Out-of-the-box Integrations and their benefits, please refer to this article.

Requirements

  • A pfSense Firewall with FreeBSD 12.2-STABLE version 2.5.2-RELEASE or greater
  • A Lumu Defender subscription

Add Integration

1. Log in to your Lumu account through the Lumu Portal and navigate to the integrations screen.

2. Locate the pfSense® integration in the available apps area and click “Add”.

3. Familiarize yourself with the integration details available in the app description and click the button below to activate the integration.

4. To generate the integration URL, add a description and select the threat types you want to include in the list. You can also generate a list of compromised IPs.

5. Once you create the integration, you will be provided with the Integration URLs:


Setup Netgate pfSense®

pfBlocker package install

You will need to install the pfBlockerNG package before using this integration. Please follow the pfBlocker-NG Package instructions.

pfBlocker package setup

Follow these steps to configure the pfBlocker package in your pfSense Firewall, using the configuration GUI.

If this is the first time you are configuring this plugin, we recommend skipping the wizard and configuring all the settings manually instead.

1. Click on the pfBlockerNG option under the Firewall menu in the top navigation bar. Click on the Here label if it is your first time configuring this plugin.

2. Under the General Settings tab:

a. Check if the package is active by clicking the pfBlockerNG checkbox.

b. Configure the CRON settings to refresh the configuration according to your needs. Remember that threats will be added to the Lumu integration every five minutes, but will be added/deleted from your firewall according to this configuration and the module's minimum supported interval.

3. Click the Save button.

Add domains blocklist

To add the Lumu domains blocklist, go to the DNSBL tab and:

1. Activate the DNSBL feature by clicking the Enable DNSBL checkbox.

2. Go to the DNSBL Groups tab. Click on the Add button.

3. Fill in the required information for the Lumu feed:

a. Add a distinctive name and description

b. Add a source definition by clicking the Add button. Set its state to ON, and paste the Domains & URLs URL given by Lumu.

c. Add a distinctive label

d. Set the Action to Unbound

e. Define the Update frequency

f. Save your new group

Add IPs blocklist

To add the Lumu IPs blocklist, go to the IP tab and:

1. Go to the IP tab, and click on the Add button.

2. Fill in the required information for the Lumu feed:

a. Add a distinctive name and description

b. Add a source definition by clicking the Add button. Set its state to ON, and paste the IPs Addresses URL given by Lumu.

c. Add a distinctive label

d. Set the Action to Deny Both

e. Define the Update frequency

f. Save your new group
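
Because the IP group uses Deny Both and the domain group is enforced through Unbound, a bad feed entry blocks real traffic. The following check is an added example, not part of the Lumu or pfBlockerNG tooling: it audits a downloaded copy of each list before you paste the URL into a group. It assumes the lists are plain text with one entry per line; the safe-list values and the /16 threshold are hypothetical and should be replaced with your own.

```python
import ipaddress
import re

# Hypothetical safe-list: ranges and names the firewall must never block.
PROTECTED_NETS = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
PROTECTED_DOMAINS = {"corp.example", "updates.example"}
MIN_PREFIX = 16  # assumption: IPv4 entries broader than /16 need human review
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

# Constructed sample feeds (documentation ranges and reserved names, not real indicators).
SAMPLE_IPS = ["203.0.113.7", "198.51.100.0/24", "192.168.1.10", "0.0.0.0/0",
              "not-an-ip", "# comment"]
SAMPLE_DOMAINS = ["bad.example.net", "corp.example", "example",
                  "http://x.example/path", "-bad.example.org"]

def _entries(lines):
    """Yield lower-cased entries, assuming one per line with optional '#' comments."""
    for raw in lines:
        entry = raw.split("#", 1)[0].strip().lower()
        if entry:
            yield entry

def audit_ip_feed(lines):
    """Sort IP/CIDR entries into ok, malformed and risky (hits safe-list or too broad)."""
    report = {"ok": [], "malformed": [], "risky": []}
    for entry in _entries(lines):
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            report["malformed"].append(entry)
            continue
        too_broad = net.version == 4 and net.prefixlen < MIN_PREFIX
        overlaps = any(net.version == p.version and net.overlaps(p) for p in PROTECTED_NETS)
        report["risky" if too_broad or overlaps else "ok"].append(entry)
    return report

def audit_domain_feed(lines):
    """Sort names into ok, malformed (not a plain hostname) and risky
    (equal to a protected name, or a parent domain of one)."""
    report = {"ok": [], "malformed": [], "risky": []}
    for entry in _entries(lines):
        labels = entry.rstrip(".").split(".")
        if len(labels) < 2 or not all(LABEL.match(label) for label in labels):
            report["malformed"].append(entry)
            continue
        name = ".".join(labels)
        hit = any(p == name or p.endswith("." + name) for p in PROTECTED_DOMAINS)
        report["risky" if hit else "ok"].append(name)
    return report
```

Review anything reported as risky or malformed before enabling the group, and re-run the audit whenever you change the threat types selected for the list.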

Final steps

If you want to run a forced update to make sure both lists are ready, go to the Update tab and:

1. Click on the Reload button in the Select ‘Force’ option

2. Click on the All button in the Select ‘Reload’ option

3. Click on the Run button

The update process generates a log as follows:

If you get a report like the one above, the integration should be up and running.

