Allow internet only for certain interfaces

  • I have pfSense set up with several interfaces.  Some of them are bridged while others are not.

    What I would like to do is to set up internet-only access by default.  Then I can add additional rules allowing certain traffic between the various interfaces.

    What is the best way to accomplish this?  I'm not sure how to go about it with the bridged interfaces.


    1. Create an alias with all your subnets in.

    2. Create a rule on the interface that blocks traffic out to the above alias and place it at the top of the rule list.

    3. Create rules above the block list allowing DNS & anything that the local router is supplying.
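The rule order from the three steps above, modelled as a first-match evaluator so a planned rule list can be checked against test flows before it is entered in the GUI. This is an added example and not part of the original post; the subnets, the router address, the final pass-everything rule and all function names are assumptions made up for illustration.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the thread).
LOCAL_SUBNETS = [ipaddress.ip_network(n) for n in
                 ("192.168.10.0/24", "192.168.20.0/24", "10.0.30.0/24")]  # step 1 alias
ROUTER_IP = ipaddress.ip_address("192.168.10.1")  # firewall address on this interface


def to_router(dst):
    return dst == ROUTER_IP


def to_local(dst):
    return any(dst in net for net in LOCAL_SUBNETS)


def anywhere(dst):
    return True


# (action, protocol or None for any, destination test, port or None for any, label)
DNS_UDP = ("pass", "udp", to_router, 53, "DNS to router")
DNS_TCP = ("pass", "tcp", to_router, 53, "DNS to router")
BLOCK_LOCAL = ("block", None, to_local, None, "block local subnets alias")
PASS_ANY = ("pass", None, anywhere, None, "pass everything else")  # assumed final rule

RULES = [DNS_UDP, DNS_TCP, BLOCK_LOCAL, PASS_ANY]       # order from steps 2 and 3
MISORDERED = [BLOCK_LOCAL, DNS_UDP, DNS_TCP, PASS_ANY]  # block rule left on top


def evaluate(proto, dst, port, rules=RULES):
    """Return (action, label) of the first matching rule, top to bottom."""
    dst = ipaddress.ip_address(dst)
    for action, r_proto, dst_test, r_port, label in rules:
        if r_proto not in (None, proto) or r_port not in (None, port):
            continue
        if dst_test(dst):
            return action, label
    return "block", "default deny"  # nothing matched


if __name__ == "__main__":
    flows = [("udp", "192.168.10.1", 53), ("tcp", "192.168.20.5", 445),
             ("tcp", "192.168.10.1", 443), ("tcp", "198.51.100.10", 443)]
    for flow in flows:
        print(flow, "->", evaluate(*flow), "| misordered:", evaluate(*flow, rules=MISORDERED))
```

The third flow shows that the router's own address sits inside the alias, so any service it provides other than DNS stays blocked until it gets its own pass rule above the block.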

