Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Help configuring Rules

    Firewalling
    2
    2
    710
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      J1ggy
      last edited by

      Hi all

      i am new to pFsense and i currently running a test server. i have done some research, watch some videos and done some tutorials.

      1. what i am trying to do.

      i want to deny traffic by default an manually allow each IP/User
      i want to limit certain laptops to limited internet time and have access to an internet calendar and email.
      i want to limit 2 computers on the network to the calendar only.
      i want to limit bandwidth on other laptops and devices.
      i want to give unrestricted access to certain devices
      assess DVR for local and external networks.
      VPN to a Server.
      every one can print.

      1. What i know and can do

      i have a wan and lan interface.
      i can deny traffic.
      i can deny individual websites
      i can port forward.
      haven't looked at vpn just yet

      i am a little confused. i want to deny all, look in the leased dchp table, find the user and  assign static ip. Then go back and assign rule/s to the ip with predefined aliases.

      am i going about this the wrong way? i want deny everyone ( about 15 users) and manually allow them online, by their mac/ip with restrictions.

      is there a way i can do a group? i dont know about Vlan.

      thanks

      1 Reply Last reply Reply Quote 0
      • M
        muswellhillbilly
        last edited by

        Here are some basics on setting up custom rules, as opposed to having the default 'allow all' rule on outbound LAN rules:
        https://doc.pfsense.org/index.php/Example_basic_configuration

        Firewall rule schedules:
        https://doc.pfsense.org/index.php/Firewall_Rule_Schedules

        Limiting bandwidth:
        https://doc.pfsense.org/index.php/Limiters

        Port forwarding:
        https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

        If you're really considering making your DVR available from external networks, make sure you lock down access to it - change the default admin password, for starters. The recent Dyn DDoS attack was carried out using mostly unsecured webcams and DVRs which were open to the internet.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post