Multiple sources to one destination
Demand to make a rule which will whitelist multiple networks: 126.96.36.199/24, 188.8.131.52/29, … etc. (+20) to one destination IP and its PORT.
Question is, can this be done by 1 rule instead of +20 (always whitelisting one network at a time)?
Add your whitelist in Firewall > Aliases > IP as type networks and set a name for it. You may also import it there if you have all the networks in a list already.
If the list is downloadable from an HTTP server you may set the URL in Firewall > Aliases > URLs and pfSense will load it and refresh it once a day.
Then use the alias name as source in your firewall rule.
Thanks a lot, so it should look like this once I use it in rules:
Remember that this is a pass-rule. So if this rule doesn't match on an incoming packet, but another pass rule downriver does, the packet will be passed anyhow.
For matching a rule, the protocol, source address + port and the destination address + port are essential.
All clear, thanks a lot!
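An added illustration, not part of the original thread and not pfSense's own code: a small Python model of top-down, first-match rule evaluation. It shows one alias-sourced pass rule covering several networks, and how a broader pass rule further down still admits sources outside the whitelist, as the reply above points out. The alias name, rule names and addresses are constructed (documentation ranges), and the source port is treated as "any".

```python
import ipaddress

# Constructed sample data, not values from the thread.
ALIASES = {
    "Whitelist_Nets": ["198.51.100.0/24", "203.0.113.8/29"],
}

# Pass rules in the order they appear on the interface tab.
# Assumption of this model: first matching rule wins, anything unmatched is denied.
RULES = [
    {"name": "allow-whitelist", "proto": "tcp", "src": "Whitelist_Nets",
     "dst": "192.0.2.10", "dport": 443},
    {"name": "allow-any-web", "proto": "tcp", "src": "any",
     "dst": "192.0.2.10", "dport": 443},
]


def expand(spec):
    """Resolve 'any', an alias name, or a literal address/CIDR to networks."""
    if spec == "any":
        return [ipaddress.ip_network("0.0.0.0/0")]
    return [ipaddress.ip_network(n) for n in ALIASES.get(spec, [spec])]


def addr_matches(spec, addr):
    """True if addr falls inside any network that spec stands for."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in expand(spec))


def evaluate(rules, proto, src, dst, dport):
    """Return the name of the first pass rule that matches, else 'default-deny'."""
    for r in rules:
        if (r["proto"] == proto
                and addr_matches(r["src"], src)
                and addr_matches(r["dst"], dst)
                and r["dport"] == dport):
            return r["name"]
    return "default-deny"


if __name__ == "__main__":
    for src in ("203.0.113.9", "203.0.113.77"):
        print(src, "full ruleset ->", evaluate(RULES, "tcp", src, "192.0.2.10", 443))
        print(src, "whitelist only ->", evaluate(RULES[:1], "tcp", src, "192.0.2.10", 443))
```

With only the alias rule in place the second source is dropped; with the broader rule below it, the same source is passed.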