4. Can i block specific ip or mac address accessing internet

Can i block specific ip or mac address accessing internet

  • R

    can i block specific ip or mac address accessing internet? how?

    heres my firewall rules;

    action : pass
    Interface: LAN
    Protocol: TCP
    Source: Network / 192.168.2.99/24 (is this correct?)
    Source OS: any
    Destination: any
    Destination port range : http to https
    Schedule: 12:00pm to 1:00pm
    Gateway: load balance

    and

    action : pass
    Interface: LAN
    Protocol: TCP
    Source: Single host or alias / "test" (is this correct?)
    Source OS: any
    Destination: any
    Destination port range : http to https
    Schedule: 12:00pm to 1:00pm
    Gateway: load balance

    i add Aliases name "test" with multiple ip address

    when i reboot pfsense i got this error on starting firewall : invalid argument

    0
  • B

    Create an alias with the adresses that you either want or dont want to be able to
    acess.
    Probably the don't want access as I assume this will be smaller.

    Then create a single rule
    Lan
    Pass
    Source !BlockedIPList
    Destination any
    Port HTTP to HTTP

    Create a second rule covering HTTPS

    You need to remove the rule allowing the entire internal lan out

    This should work..

    Regards

    Mark

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy