Blocking Networks Via Alias not working
-
Hey guys. I apologize in advance for my pfsense newbery. I think I'm doing this right, but I'm not sure.
I am trying to block all outbound connections to the known Netflix network ranges listed here;
108.175.32.0/20 108.175.32.0/24 108.175.33.0/24 108.175.34.0/24 108.175.35.0/24 108.175.38.0/24 108.175.39.0/24 108.175.40.0/24 108.175.41.0/24 108.175.42.0/24
To do this, I assumed that I could create a network alias in PFsense like shown in this screenshot;
Then I created a firewall rule on the LAN interface in which destination = ALIAS like in this screenshot.
Unfortunately I got the errors "The Field Destination bit count is required" and "Alias entries must be single host or alias"
Clearly, I am doing something wrong here. Hopefully someone can point me in the right direction here. Thanks in advance.
-
At destination you have to select "single host or alias" from the dropdown if you want to enter an alias.
-
And your /20 entry covers all of those /24 networks already.
108.175.32.0/20 = 108.175.32.0 - 108.175.47.255
-
And your /20 entry covers all of those /24 networks already.
108.175.32.0/20 = 108.175.32.0 - 108.175.47.255
Wow, really? Shows how much I know about subnetting. So if I just add 108.175.32.0/20 it will block all outbound connections to all of those networks?
-
Yes, as Derelict mentioned.
If you're unsure with subnets use this: http://www.subnet-calculator.com/cidr.php