Installation

CautiousConnect is an IPv6 security feed based on SixInt’s IPv6 intelligence mapping. These installation instructions are specific to deploying CautiousConnect with the opensource pfsense firewall, and assume a working pfsense deployment.

CautiousConnect leverages the pfBlockerNG framework. If pfBlockerNG is not yet installed, use the pfsense package manager to do so. Additional instructions for installing pfBlockerNG are available here.

Once pfBlockerNG is installed in an operational pfsense deployment, installing CautiousConnect is as simple as obtaining a license key (free) to the feed, and configuring the feed.

  1. To subscribe to the free CautiousConnect data feed, first register and signup:

    Register

  2. Login to your SixInt account to obtain your unique API key, for instance:
    API

  3. Next, setup the firewall to use CautiousConnect. Select the pfBlockerNG setup from the Firewall menu:

pfBlockerNG setup:

pfBlockerNG

  1. Select the IPv6 feed setup option from the IP menu on the main pfBlockerNG setup page.

IPv6 Configuration:

IPv6 Config

  1. Enter a feed name and description, e.g., “pfb_SixInt_CC” and “SixInt CautiousConnect”

  2. Enter the URL for the CautiousConnect feed, and replace “XXX” with your registered key

  3. Toggle the State to “ON”

  4. Select “Deny Both” for the Action setting

  5. Click “Save IPv6 Settings”

  1. That’s it, done! View blocked connections on the main page of the firewall, or through the pfBlockerNG logs.