Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Block Website for Single IP or a Network Range

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 784 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      sunnysthakur
      last edited by

      Hello,

      We are testing pfsense to implement in our network for website and download blocking for some of the members. I am able to do so with Squid and SquidGuard, where we can block the website or download for all the network. But i am not able to find how to block it for some of the IPs or network range.

      Please help me here.

      1 Reply Last reply Reply Quote 0
      • KOMK Offline
        KOM
        last edited by

        You do it via squidguard's Groups ACL.  Create a new ACL, configure it with your IPs or network and then configure your target rules list for that ACL.

        1 Reply Last reply Reply Quote 0
        • S Offline
          sunnysthakur
          last edited by

          Hello,

          I tried with Group ACL method but not able to block for single IP or network. However it work fine when define only target rules and that apply on all the network.

          However i tried another method via create alias.

          • I created alias where i mentioned all the facebook IPs/network.
          • I created a alias where i mentioned the IP where i need to block facebook.
          • Then i created a rule (firewall) where is selected the source alias [Local IP alias] and destination alias [Facebook IPs] and applied rejected rule.

          But still i am not able to block facebook on selected IP.

          1 Reply Last reply Reply Quote 0
          • KOMK Offline
            KOM
            last edited by

            I tried with Group ACL method but not able to block for single IP or network.

            Then you're doing something wrong.  It does work.  I use it that way myself.  Maybe you have a problem with the order the ACLs are listed in?

            btw this really should be in the Cache/Proxy forum.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.