Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to blk acces to the internet?

    Scheduled Pinned Locked Moved Firewalling
    5 Posts 3 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rtr1900
      last edited by

      Hi,

      I am not sure if  should post this here.
      I need to know how it is possible to block access to:

      1. Full internet
      2. Fulle internet, except some pages
      3. Chat programs

      Please, can you explain it in a simple way. Cause I don´t understand how to do it….

      Regards,

      Johny

      1 Reply Last reply Reply Quote 0
      • Y
        yoda715
        last edited by

        Well, assuming that you are referring to traffic originating from your LAN segment destined outbound, you would simply create firewall rules in the LAN segment explicitly denying all traffic from your LAN IPs (or any IP) destined to any. This applies to chat programs to.

        Restricting access to only certain websites gets a bit trickier. I would create rules to deny traffic to all, and then create an allow traffic to certain IP with a higher priority than that deny rule.

        1 Reply Last reply Reply Quote 0
        • R
          rtr1900
          last edited by

          Thx.

          So if I get it right it isn´t possible to make for every user a rule of which pages he can or can not access?

          It is that in the company almost every user can access only some sites and mostly they are different (departments sales, comercial, buying, stock,…)
          For example:
          Adminsitration: only access to the banks
          Stock: Only access to the providers
          Sales: Only access to Google, and some other sites
          etc... ...

          Thx,

          David

          1 Reply Last reply Reply Quote 0
          • S
            sai
            last edited by

            restricting websites is best done using something like Squid - you can maybe use the package in pfSense for this.

            there are some useful threads here:  http://forum.pfsense.org/index.php/board,15.0.html

            1 Reply Last reply Reply Quote 0
            • R
              rtr1900
              last edited by

              Thx Sai,

              yes indeed about Squid. I am getting into that.
              I managed already to make a filter and add some IPs to it.

              Now my next object is to create for every user a filter.
              I have this in Squid.inc:

              acl semirestricted_hosts src "/var/squid/acl/semirestricted_hosts.acl"
              acl semirestrictedlist dstdom_regex -i "/var/squid/acl/semiwhite.acl"

              Now, should I just add two more lines to create another filter?

              Thx,

              David

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.