Netgate Discussion Forum

    How except IP from block

    General pfSense Questions
    5 Posts 3 Posters 979 Views
    • A Offline
      ahmadhassan
      last edited by

      Hello all,
      This is my first time using pfSense.
      I installed the latest version of pfSense 2.3.2 and use openings to block.
      Create Alias and create rule destination to DNS
      Now I need to except some IP from this block "open anything"

      • DerelictD Offline
        Derelict LAYER 8 Netgate
        last edited by

        Reject source 192.168.1.100/32
        Pass source 192.168.1.0/24

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        • A Offline
          ahmadhassan
          last edited by

          @Derelict:

          Reject source 192.168.1.100/32
          Pass source 192.168.1.0/24

          Thanks Derelict for the reply.
          I don't understand what "Reject and Pass source" means.
          Also in the diagram use VPN, I need quick step
          This is my first time using pfSense :)

          • B Offline
            blackj
            last edited by

            You have to do it in 2 steps: create a rule to block what you want to block as the top rule, and create another rule to allow what you want to allow as the second rule. The rules are executed in order, top down.

            1 Reply Last reply Reply Quote 0
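Added example (not part of any post in this thread, and not pfSense code): a small Python model of the top-down, first-match evaluation blackj describes, run over the two rules from Derelict's reply, with a check for rules that an earlier, broader rule makes unreachable. Matching on source address only is a simplifying assumption; the `Rule` class and the function names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

DEFAULT_ACTION = "block"  # pfSense drops traffic that no rule on the interface matches


@dataclass(frozen=True)
class Rule:  # hypothetical model: matches on source address only
    action: str  # "pass", "block" or "reject"
    source: str  # CIDR, e.g. "192.168.1.0/24"

    @property
    def net(self):
        return ipaddress.ip_network(self.source)


def evaluate(rules, src_ip):
    """Walk the list top down; the first rule whose source matches decides."""
    addr = ipaddress.ip_address(src_ip)
    for index, rule in enumerate(rules):
        if addr in rule.net:
            return rule.action, index
    return DEFAULT_ACTION, None


def shadowed(rules):
    """Indexes of rules that can never match: an earlier rule covers their whole source."""
    return [
        i for i, rule in enumerate(rules)
        if any(rule.net.subnet_of(earlier.net) for earlier in rules[:i])
    ]


# The two rules from Derelict's reply, in the order given (specific first).
RULES_AS_POSTED = [Rule("reject", "192.168.1.100/32"), Rule("pass", "192.168.1.0/24")]
# Same rules with the order swapped: the /24 pass now sits on top.
RULES_SWAPPED = list(reversed(RULES_AS_POSTED))

if __name__ == "__main__":
    for name, rules in (("as posted", RULES_AS_POSTED), ("swapped", RULES_SWAPPED)):
        print(name)
        for ip in ("192.168.1.100", "192.168.1.50", "10.0.0.5"):
            print(f"  {ip:15} -> {evaluate(rules, ip)}")
        print(f"  rules that never match: {shadowed(rules)}")
```

With the order swapped, 192.168.1.100 is passed by the /24 rule and the reject rule is reported as never matching, which is why the narrower rule has to sit above the broader one.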
            • A Offline
              ahmadhassan
              last edited by

              @blackj:

              You have to do it in 2 steps: create a rule to block what you want to block as the top rule, and create another rule to allow what you want to allow as the second rule. The rules are executed in order, top down.

              Thanks blackj

              I attached snapshots from RULE -> LAN, NAT and Aliases

              Rule_Lan.JPG
              NAT_Port.Forward.JPG
              Aliases.JPG

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.