Howto deny range of IP?
-
Hi Ijust install pfsense,
I wonder how to deny a range of IP address? let say I just want to allow 192.168.0.1-192.168.0.50?
I know there is a function on the DHCP to limit the user access, but how if the user set the IP address manually, let say using 192.168.0.100 ?
Thanks in advance,
Tohar
-
Insert appropriate firewall rule in the appropriate interface, only allowing your chosen range access.
-
@Cry:
Insert appropriate firewall rule in the appropriate interface, only allowing your chosen range access.
could you explain it more details, I couldn't find way to insert range of ip address
-
fw rules -> add rule -> source -> under type you select network then enter network and bitmask
did that help?
/f
-
If you dont want to allow/block a whole subnet you can also define Aliases under the "alias" entry in the menu and use these aliases in your rules.
Aliases can contain multiple single IPs, Networks, or Ports. -
you dont need to block/unblock a whole subnet just use a bitmask of say 26 to use first 64 of a net
or just use a combo of bitmask and alias