Netgate Discussion Forum

    Interactive rules

    Firewalling
      kosmocronos

      Hello,
      Are there any ways to build "interactive rules"? I would like to have a rule that, when a specific WAN IP (or a range) is trying to connect to the server on my internal LAN, permits me to block or permit (as I want in that moment) the access request.
      Many thanks to all for the help, and excuse my bad English.

      Regards,
      Claudio

        sullrich

        Sorry, not sure what you are asking…

          hoba

          I think I understand what you mean, however that won't work and you probably would have a lot of questions to handle with today's internet traffic hitting your ports. Check your firewall logs for connection attempts at Status > System Logs, Firewall tab. Not doable nor useful imo.

            kosmocronos

            Many thanks to all for the replies,
            What I would want is this. I have four remote clients that access my internal LAN server (WIN 2003) by terminal server. The rules in the firewall permit traffic from these four IP addresses. I would like to receive a message on my PC when one of these IPs is connecting to my internal LAN server and decide in that moment what to do: block or permit.

            I hope for your help,
            regards,
            Claudio

              Leoandru

              The best solution at the moment is to install a personal firewall on your server, one that prompts you on incoming connection attempts. Then open a terminal window to your server from your PC.

                hoba

                Other solution:

                • enable the remote syslog server at the pfSense and create a block rule with "log" enabled
                • disable logging of the default deny rule
                • install a syslog daemon at your client that sends you a mail on receiving this alert or plays a beep or a popup or whatever (depends on the tool you use)
                • create a rule in the WebGUI for this connection to pass above the logging rule and disable it (you can quickly enable/disable this rule by clicking the small pass icon in front of the rule and hitting apply)

                It's not like a popup and only clicking an allow or deny button but might work depending on how often you need it.

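An added example, not part of the thread and not pfSense code: a small syslog receiver for the client PC in hoba's procedure above, which alerts only when a watched address hits the logging block rule. It assumes the comma-separated filterlog line layout of current pfSense releases; the watched addresses, the ports, the sample lines and all function names are placeholders.

```python
import ipaddress
import re
import socket

# Assumed values, not from the thread: the permitted remote clients and the RDP port.
WATCHED = [ipaddress.ip_network(n) for n in ("198.51.100.7/32", "203.0.113.8/30")]
RDP_PORT = 3389
FILTERLOG = re.compile(r"filterlog(?:\[\d+\])?:\s*(\S+)")

def parse_filterlog(line):
    """Return the fields of an IPv4 TCP/UDP filterlog entry, or None for anything else."""
    m = FILTERLOG.search(line)
    f = m.group(1).split(",") if m else []
    # Assumed layout: f[6]=action, f[7]=direction, f[8]=IP version,
    # f[16]=protocol, f[18]=source, f[19]=destination, f[21]=destination port.
    if len(f) < 22 or f[8] != "4" or f[16] not in ("tcp", "udp"):
        return None
    try:
        return {"action": f[6], "dir": f[7], "src": ipaddress.ip_address(f[18]),
                "dst": f[19], "dport": int(f[21])}
    except ValueError:  # malformed address or port: ignore the line
        return None

def alert_for(line):
    """Return an alert message when a watched client hits the logging block rule."""
    e = parse_filterlog(line)
    if not e or (e["action"], e["dir"], e["dport"]) != ("block", "in", RDP_PORT):
        return None
    if not any(e["src"] in net for net in WATCHED):
        return None
    return f"{e['src']} is trying to reach {e['dst']}:{e['dport']} (blocked)"

def listen(host="0.0.0.0", port=5140):
    """Receive syslog datagrams from the firewall and print alerts (runs until stopped)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind((host, port))
        while True:
            data, _ = s.recvfrom(4096)
            msg = alert_for(data.decode("utf-8", "replace"))
            if msg:
                print(msg, flush=True)  # swap for mail, a beep or a popup

# Constructed sample datagrams (documentation addresses).
SAMPLES = [
    "<134>Jan  5 10:00:01 filterlog[4321]: 7,,,1700000001,em0,match,block,in,4,0x0,,118,5012,0,DF,6,tcp,52,198.51.100.7,192.0.2.10,50211,3389,0,S,100,,8192,,mss",
    "<134>Jan  5 10:00:09 filterlog[4321]: 7,,,1700000001,em0,match,block,in,4,0x0,,118,5013,0,DF,6,tcp,52,192.0.2.200,192.0.2.10,50300,3389,0,S,101,,8192,,mss",
    "<134>Jan  5 10:00:15 filterlog[4321]: 7,,,1700000001,em0,match,block,in,4,0x0,,118,5014,0,DF,6,tcp,52,203.0.113.9,192.0.2.10,50400,445,0,S,102,,8192,,mss",
]
```

Calling `listen()` starts the receiver; the firewall's remote syslog target has to point at the same port. Only the first sample line produces an alert, since the second comes from an unwatched source and the third targets a different port.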