Rules for vlan
-
How can i limit 1 single computer to only access from internet and not access other computers in the same network?
-
"other computers in the same network?"
You would need to do that switch level. Pfsense has nothing to do with traffic between computers on the same network. If your talking traffic from one network/vlan to another network/vlan on pfsense then sure you can create the appropriate firewall rules.
But when computer on 192.168.1.100 talks to 192.168.1.101 pfsense is not part of this conversation at all..
-
ok, thougt it was possible with subnet 255.255.255.255, but i gues they can just change it.
-
255.255.255.255 is not a subnet.. that host specific /32 mask.. Not sure what you think that does? Normally that would never be placed on a client - that sort of mask is used in routing or a firewall rule to represent that specific IP.
If you don't want a client on a network to talk to other clients on the network normally you would use a switch that provides private vlan support.
https://en.wikipedia.org/wiki/Private_VLAN
-
thank you :)