NxFilter Tutorial
Tutorial Index

GUI - Config
These are mostly system-wide settings for NxFilter.

Config > Setup > Block and Authentication
- Block Redirection IP
This is the IP address of NxFilter itself. If there is a blocked DNS request, it will be redirected to this IP address. Normally, it will be populated automatically during the installation process.

When you use clustering, you can add multiple block redirection IP addresses separated by commas for redundancy.

- Silent Block
With this option enabled, we don't do block redirection. So, there's no block page to be shown. This option is for the users wanting to block a website silently. On user browser, it will be appeared as a connection problem or a DNS resolution failure. This option is also useful when you want to hide the SSL warning from blocking HTTPS request.
Even if you use 'Slient Block' option, 'Block Redirection IP' is still needed for login redirection and some other internal purposes.

- Enable Authentication
After you enable this option, any unauthenticated user will be redirected to NxFilter's login page.

- Login Domain
You can access NxFilter's login page using the domain set here.

- Logout Domain
If you send a DNS request for this domain, your login session will be cleared out. The easiest way of using this feature would be to enter the domain into your browser address bar.

- Login Session TTL
NxFilter keeps a login session after a user logged in. However, this login session needs to be expired eventually. It is especially required when there is a shared PC by several users. If a user doesn't make any DNS request for the specified amount of time defined here, his login session will be expired and the user needs to login again.

- Disable Login Redirection
With this option enabled, NxFilter doesn't do login redirection. All the DNS packets from unauthenticated users will be dropped. This option is for hiding your server from DNS attackers when you deploy your server on the Internet.

Config > Setup > Syslog
NxFilter supports Syslog exportation of its log data. You can build your own reporting system with this feature or you can monitor all the logging in a real-time way.

- Syslog Host
The host IP address to which you want to send your log data.

- Syslog Port
UDP port of a target host.

- Export Blocked Only
With this option, NxFilter sends the log data of blocked DNS request only.

- From Each Node
At default, Clustered NxFilter sends Syslog data only through its master node. When you enable this option, each node exports its own data.

- Enable Remote Logging
Enable Syslog exportation.

Config > Setup > NetFlow
NxFilter supports bandwidth control. It is possible by importing NetFlow data. To find out more, read Bandwidth control with NxFilter

- Router IP
The IP address of a device sending NetFlow data to NxFilter.

- Listen Port
The UDP port number of NetFlow collector.

- Run Collector
Run NetFlow collector. After change this option, you need to restart NxFilter.

Config > Setup > Misc
- Admin Domain
You can access NxFilter admin GUI using the domain set here. For example, if you set 'admin.example.com' to be your admin domain you can access your admin GUI by typing 'http://admin.example.com/admin' into your browser address bar.

This only works when you use NxFilter as your DNS server.

- Log Retention Period
If you keep your log data too long, you may have a disk space problem. You can set how long NxFilter keeps its log data here.

- SSL Only to Admin GUI
When you want to allow HTTPS access only to your admin GUI, enable this option.

- Auto Backup
NxFilter makes a backup file for its configuration into /nxfilter/backup directory on 01:00 everyday. The name of the backup file starts with 'auto-' prefix. You can have up to 30 backups.

Config > Admin
You can change admin name and password for GUI login here.

- Client Password
The password for CxBlock setup page.

- Report Password
The password for a report manager to access logging/reporting related menus on GUI.

After you set 'Report Password' you can create this kind of link,

When you click the link, you get the permission to view everything under 'Logging' and 'Report' and will be forwarded to 'Report > Daily'
Config > Alert
NxFilter sends an email for recent blocking or access violation. If you want to send an alert email to 'admin@example.com' from 'alert200@nxfilter.org' every 15 minutes then the setup would look like the below.

  • Admin Email : admin@example.com
  • SMTP Host : smtp.nxfilter.org
  • SMTP Host : 25
  • SSL/TLS : None
  • SMTP User : alert200@nxfilter.org
  • SMTP Password : ********
  • Alert Period : Every 15 minutes

When you set this up, NxFilter also sends alert emails for system related events. However, 'CC Recipients' is only for access violation by your filtering policies.
You can set up the categories you want to get alerted for when a domain gets blocked.

Config > Allowed IP
IP based access control for GUI.

Config > Backup
You can create and download a backup file for the current configuration of NxFilter.

Config > Block Page
You can set up your own block page, login page, welcome page. When you edit your block page you can use the following variables populated by NxFilter for making your block page more informative.

  • #{domain} : Blocked domain
  • #{reason} : Reason for block
  • #{user} : Logged-in username
  • #{group} : Groups of the logged-in user
  • #{policy} : The applied policy
  • #{category} : Categories of the blocked domain

Config > Cluster
NxFilter has a built-in clustering. You can make your NxFilter to be a master node or a slave node in a cluster. After you change the values in cluster setup you need to restart NxFilter to apply the new settings. To find out more about clustering, read Clustering with NxFilter