Can i block specific ip or mac address accessing internet

redrum

can i block specific ip or mac address accessing internet? how?

heres my firewall rules;

action : pass
Interface: LAN
Protocol: TCP
Source: Network / 192.168.2.99/24 (is this correct?)
Source OS: any
Destination: any
Destination port range : http to https
Schedule: 12:00pm to 1:00pm
Gateway: load balance

and

action : pass
Interface: LAN
Protocol: TCP
Source: Single host or alias / "test" (is this correct?)
Source OS: any
Destination: any
Destination port range : http to https
Schedule: 12:00pm to 1:00pm
Gateway: load balance

i add Aliases name "test" with multiple ip address

when i reboot pfsense i got this error on starting firewall : invalid argument

bracks

Create an alias with the adresses that you either want or dont want to be able to
acess.
Probably the don't want access as I assume this will be smaller.

Then create a single rule
Lan
Pass
Source !BlockedIPList
Destination any
Port HTTP to HTTP

Create a second rule covering HTTPS

You need to remove the rule allowing the entire internal lan out

This should work..

Regards

Mark