Multiple sources to one destination
-
The requirement is to make a rule which will whitelist multiple networks: 71.209.84.0/24, 223.189.151.160/29, … etc. (+20) to one destination IP and its port.
The question is, can this be done with 1 rule instead of +20 (always whitelisting the networks one by one)?
Thanks
-
Add your whitelist in Firewall > Aliases > IP as type networks and set a name for it. You may also import it there if you have all the networks in a list already.
If the list is downloadable from an HTTP server you may set the URL in Firewall > Aliases > URLs and pfSense will load it and refresh it once a day. Then use the alias name as source in your firewall rule.
-
Thanks a lot, so it should look like this once I used it in rules:
http://prntscr.com/jafr2e
Fine?
Tnx
-
Looks fine.
Remember that this is a pass-rule. So if this rule doesn't match on an incoming packet, but another pass rule downriver does, the packet will be passed anyhow.
For matching a rule, the protocol, source address + port and the destination address + port are essential.
-
All clear, thanks a lot!
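-
An added example, not part of the original thread: a small Python model of first-match rule evaluation showing how a later, broader pass rule lets a non-whitelisted source through, and how an explicit block rule placed right after the alias rule closes that gap. The alias name `WHITELIST_NETS`, the destination 192.0.2.10, port 443 and both rule sets are constructed assumptions; source ports are treated as "any".

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed alias: the two networks quoted in the question (the rest are elided there).
ALIASES = {"WHITELIST_NETS": ["71.209.84.0/24", "223.189.151.160/29"]}
DST = "192.0.2.10"  # constructed destination (documentation address range)

@dataclass
class Rule:
    action: str           # "pass" or "block"
    proto: str            # "tcp", "udp" or "any"
    src: str              # alias name, CIDR/address or "any"
    dst: str              # CIDR/address or "any"
    dport: Optional[int]  # None means any destination port

def nets(spec):
    """Expand an alias name, a CIDR/address or 'any' into a list of networks."""
    if spec == "any":
        return [ipaddress.ip_network("0.0.0.0/0")]
    return [ipaddress.ip_network(n) for n in ALIASES.get(spec, [spec])]

def matches(rule, proto, src, dst, dport):
    """A rule matches only if protocol, source, destination and port all match."""
    ip = ipaddress.ip_address
    return (rule.proto in ("any", proto)
            and any(ip(src) in n for n in nets(rule.src))
            and any(ip(dst) in n for n in nets(rule.dst))
            and rule.dport in (None, dport))

def evaluate(rules, proto, src, dst, dport):
    """Top-down, first match wins; no match falls through to the default deny."""
    for index, rule in enumerate(rules):
        if matches(rule, proto, src, dst, dport):
            return rule.action, index
    return "block", None

# Rule set with a broad pass rule further down: the whitelist is not exclusive.
LOOSE = [
    Rule("pass", "tcp", "WHITELIST_NETS", DST, 443),
    Rule("pass", "tcp", "any", "any", 443),
]
# Same rules, with an explicit block for the destination right after the whitelist.
STRICT = [
    Rule("pass", "tcp", "WHITELIST_NETS", DST, 443),
    Rule("block", "any", "any", DST, None),
    Rule("pass", "tcp", "any", "any", 443),
]

if __name__ == "__main__":
    for name, rules in (("LOOSE", LOOSE), ("STRICT", STRICT)):
        print(name, evaluate(rules, "tcp", "198.51.100.5", DST, 443))
```

The returned index identifies which rule decided the packet, which is the thing to check when a whitelist appears not to restrict anything.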