Multiple source to one destination



  • Demand is to make a rule which will whitelist multiple networks: 71.209.84.0/24, 223.189.151.160/29, … etc (+20) to one destination IP and its port.

    Question is, can this be done by 1 rule? Instead of +20 (always whitelisting one network at a time).

    Thanks



  • Add your whitelist in Firewall > Aliases > IP as type networks and set a name for it. You may also import it there if you have all the networks in a list already.
    If the list is downloadable from an HTTP server you may set the URL in Firewall > Aliases > URLs and pfSense will load it and refresh it once a day.

    Then use the alias name as source in your firewall rule.



  • Thanks a lot, so it should look like this once I used it in rules:

    http://prntscr.com/jafr2e

    Fine?

    Tnx



  • Looks fine.

    Remember that this is a pass-rule. So if this rule doesn't match on an incoming packet, but another pass rule downriver does, the packet will be passed anyhow.
    For matching a rule, the protocol, source address + port and the destination address + port are essential.
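
The behaviour described in the reply above, as an added example that is not part of the original thread and is not pfSense code: a simplified model of top-down, first-match rule evaluation with a network alias as the rule's source. The alias name `WHITELIST_NETS`, the destination `192.0.2.10:443`, the second pass rule and the rule dictionaries are assumptions made for illustration; source port is treated as "any".

```python
import ipaddress

def build_alias(lines):
    """Parse an alias import list (one network per line), collapse overlaps."""
    nets = []
    for line in lines:
        entry = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if entry:
            # strict=True raises ValueError on host bits, e.g. 71.209.84.5/24
            nets.append(ipaddress.ip_network(entry, strict=True))
    return list(ipaddress.collapse_addresses(nets))

def matches(rule, pkt):
    """Protocol, source and destination address + port must all match."""
    src = ipaddress.ip_address(pkt["src"])
    return (rule["proto"] == pkt["proto"]
            and (rule["src"] is None or any(src in n for n in rule["src"]))
            and rule["dst"] in (None, pkt["dst"])
            and rule["dport"] in (None, pkt["dport"]))

def evaluate(rules, pkt):
    """Top-down, first match wins; nothing matched means default deny."""
    for rule in rules:
        if matches(rule, pkt):
            return rule["action"], rule["name"]
    return "block", "default deny"

def pkt(src, dst="192.0.2.10", dport=443, proto="tcp"):
    return {"src": src, "dst": dst, "dport": dport, "proto": proto}

# Constructed sample: the two networks quoted in the thread plus an overlapping entry.
WHITELIST_NETS = build_alias([
    "71.209.84.0/24",
    "223.189.151.160/29",
    "71.209.84.128/25   # already covered by the /24",
])
# Assumed destination 192.0.2.10:443 (documentation range); source port is "any".
ALLOW = {"name": "allow whitelist", "action": "pass", "proto": "tcp",
         "src": WHITELIST_NETS, "dst": "192.0.2.10", "dport": 443}
BROAD = {"name": "allow any https", "action": "pass", "proto": "tcp",
         "src": None, "dst": None, "dport": 443}

if __name__ == "__main__":
    print([str(n) for n in WHITELIST_NETS])
    for rules in ([ALLOW], [ALLOW, BROAD]):
        for src in ("223.189.151.162", "223.189.151.168", "198.51.100.7"):
            print([r["name"] for r in rules], src, evaluate(rules, pkt(src)))
```

With only the whitelist rule, sources outside the alias fall through to the default deny; once the broader pass rule sits below it, those same sources are passed, which is why the rules following a whitelist rule need reviewing as well.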



  • All clear, thanks a lot!