@hoba:

everything is generated dynamically from the config.xml (diagnostics>backup/restore if you want to look at it or manually edit it)

I think, then, that that is where I need to focus for now.

gl with it m8  :D

http://www.google.com/search?q=site:forum.pfsense.org+%22static+port%22+voip

which gives

http://forum.pfsense.org/index.php?topic=3128.0;prev_next=prev

No problem. I'll test it later when it's ready.

Cheers,
//Eskild

THANK THANK THANK

:P :P :P :P

correct. Not even Internet access should be possible.

block all port exept port 80
then move the pfsense web gui from port 80 to a differend port link 10000 or so
install squid and config it as a transparten webproxy

now port 80 can only be used for http
torents and messingers  can not go true port 80 now

I have used this option too, but I have to have one of IP address and it cannot be blocket by static ARP… so there is no solution to block listed below mac address?

No, a snapshot.  Not 1.0.1.

We do not do IPV6.

:)
Thanks a lot!

Cool,

I will give it a try and ask question as I go along.  I guess I am going to learn a lot.

Thanks hoba

Dominic Iadicicco
Network Administrator
South Country Library
22 Station Road
Bellport NY 11713

I've also tried with proftpd as opposed to vsftpd and windows server 2003 ftp and same behavior. i believe Windows FTP defaults to active mode

I don't think something like this is possible currently. You only can forward/redirect IP-Adresses but not MACs. If I get you right you would need a source based natting which is currently not supported in the gui either.

If you really have such problems blocking it at the isp level is the better way as you only can block what already has been on your line when it reaches you so your bandwidth will be utilized even when you block it at your end.

whats the mail for ???
dyndns is taking care of that

wlelystad.homeip.net is my dyndns and if my ip chances i will not note that
the url is still the same as before the ip chance