Allow any to any then create specific rules



  • Hi all,

    ATM what I have done works, but I was wondering: instead of having a network alias called "allnet" (bottom rule as source), can I change it to * i.e. any, as I think this would work the same, wouldn't it?

    And the two block rules above the any rule: can I just have one block rule, i.e. perimeter to internal, and will it work vice versa as well? (Don't think it will, so I have done two block rules for vice versa.)

    Just to explain:

    My allnet is my internal (LAN) + perimeter (in between LAN and internet) network.

    And my default rule: I DO want all networks to access the internet.

    And above the default rule I have made block rules and allow rules so my perimeter can access certain LAN networks, i.e. my DNS and my SMTP server.

    Hope that makes sense.

    Cheers,

    Rob
    ![pfsense rules.PNG](/public/imported_attachments/1/pfsense rules.PNG)