Block OS Rules



  • Is there an update available to the Block OS Rules list? The Windows rule works well with all version however the MacOS rule doesn't block any of the recent releases of OSX.

    Thanks in advance for any assistance.

    Gary



  • ????

    There's nothing in IP that identifies the OS. Since pfSense works with IP there's no way to do what you want. Perhaps if you could say what it is you're trying to do, we might be able to help.

    BTW, if this has something to do with communications between computers on a LAN, pfSense will have nothing to do with that, as it's between the LAN and Internet, not between devices on the local LAN.



  • On the firewall rules tab under advanced you can block operating systems. As I stated the windows fingerprint is up to date and work great. The Mac OS X and Linux fingerprints are outdated.

    I am blocking traffic to our stream ports to keep unauthorized users out by only allowing the OS on our dedicated hardware through.

    Gary



  • PF does have support for OS fingerprinting but development of that feature has ground to a halt at least on FreeBSD side of things. Not sure what the situation is in OpenBSD but the manual pages aren't encouraging.

    https://www.openbsd.org/faq/pf/filter.html#osfp



  • @gcjh01 said in Block OS Rules:

    by only allowing the OS on our dedicated hardware through.

    Sounds like what you want is Network Access Control. I'm surprised blocking OS does as well as you say.


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy