You dont make much sense. maybe you should describe: 1: what you have. (hardware, existing network layout) 2: what you want. (intended network layout) 3: what you already tried 4: what went wrong  or doesnt work as expected. There is no point in throwing wild guesses about CPU utilisation around.

Nevermind. I see the aliases are case sensitive.  ;) @k1DBLITZ: Running into a slight problem. I created an alias for multiple networks and multiple. I was able to successfully select the alias for the destination networks, however, for the destination ports I don't see how to select an alias. It keeps telling me the value must be an integer. @MindTwist: You can create an alias, enter those two ports on the alias, and then add the alias to the rule.

what port it is  and how can I configure it on pfsense

i had the same fault this morning. random. i reinstalled the squidguard package and re-downloaded the blocklist from http://www.shallalist.de/Downloads/shallalist.tar.gz it all works fine now. Al

That would indeed be wonderful  ;D Crossing my fingers  :)

Right after installing pfSense you have a rule on LAN that allows everything from the LAN out. @http://forum.pfsense.org/index.php/topic: Rules are processed from top to down. If a rule catches the rest of the rules is no longer considered. Per default a "block all" rule is always in place (invisible below your own rules). Traffic is filtered on the Interface on which traffic comes in. So traffic comming in on the LAN-Interface will only be processed by the rules you define on the LAN tab.

hi could you please post how to do it if you in here. thank you hadi 57

Mmm  :( I went and had a look at the Cisco Catalyst switch that our data providers says is definitely set to full duplex and sure enough the full duplex light shows up on that port (we don't get access to the console).

thx for the explanation :)

Everything is by IP.  You can control access by IP, so yes you could only allow access to certain services (or the Internet) based upon IP.

thanks for your help dotdash. I am looking up on how to convert this to an alias, and will perform some quick benchmarking, and will report back here. I am currently using this (as described here) for my firewall, and all seems to work without complaints. However if it would work better another way, I am all for it! -Maboo

@jahonix: What do you want to allow? Ok thank you. It was from the LAN to the external address of pfsense (in order to test it).

That won't be a problem because the DNS server does reside on another network. Thank you for the help. I will try it out when I get a chance and post results.

Ok I got it working. Thank You,

Unless you allow traffic it's denied. The default rules in pfSense block all IPv6. Unless you add a rule with any source, any destination and any protocol (a bad idea), IPv6 cannot pass.