Using pfSense as a Powerhouse router



  • Good day

    I’m a newbie at this, but very keen on learning more about how rules or scripts within the rules, are applied to the firewall to achieve various different results. I’ve been watching the videos for building and getting going with the pfsense router, but couldn’t find too much information on what I would like to achieve using my new pfsense router.

    I installed and configured pfsense Community Edition v 2.4.3 on a physical pc with enough resources for any of the packages to run happily.
    My end goal is to achieve the following but don’t know where to start or which package will be the best to make use of, to achieve my goal.

    I would really like some help with achieving my goal, I know it can be done, from everything I’ve read about pfsense.

    So here goes, my wish list, or challenge if you may.

    1. I have a capped home data bundle of 50GB per month from my ISP.
    2. I have 12 devices that share this 50GB of capped data per month. Not all the devices are connected at any one given time. There is a possibility of about 4 devices being connected at any one given time.

    Case 1

    1. I would like to set a monthly limit, of say 4GB per device, preferably by mac address.
    2. I would like to set a daily limit, of say 250 MB per device, preferably by mac address.
    3. Whenever any limit is reached or exceeded, all internet access needs to be stopped for that device, until that limit is reset. i.e. daily limit is reset the next day at 00:05, or the monthly limit rest on the first day of the new month at 00:05.
    4. I would like to see a report of data usage per device, preferably by mac address.

    Case 2

    1. I would like to set a monthly limit, of say 8GB per user, I have 6 users in my family. The users can then use any device as their data usage will now be monitored or capped using their user name.
    2. I would like to set a daily limit, of say 300MB per user, I have 6 users in my family. The users can then use any device as their data usage will now be monitored or capped using their user name.
    3. Whenever any limit is reached or exceeded, all internet access needs to be stopped for that user, until that limit is reset. i.e. daily limit is reset the next day at 00:05, or the monthly limit rest on the first day of the new month at 00:05.
    4. I would like to see a report of data usage per user.

    I would appreciate the help with the above as I’m just a beginner when it comes to scripts and think that the above will make use of scripts.
    I would like to see a solution for both cases, I think it will be a good learning experience for me to try and understand how the rules work in different scenarios.

    I have a LTE wireless router that receives the internet from my ISP. I’ve disabled the DHCP and wireless broadcast on this router and wired it to the pfsense router (PC) NIC. I’ve used the second NIC on the pfsense router (PC) as a DHCP server and this is wired to another wireless router. This router is configured as an AP only. All my devices are connecting to the internet via this router.

    My intention is to use the pfsense router (PC) to monitor and limit the data usage of my family members and have a report thereof.

    Thank You


  • Galactic Empire

    FreeRadius with MAC and or User authentication BUT you can only set the download limits to either Daily, Weekly, Monthly Forever.

    You'd need to look at the log files in pfSense and search for FreeRADIUS in the logs.



  • @nogbadthebad Thank you, will give it a try when I get home this evening.


  • Galactic Empire

    One thing I've just thought about, it would only disallow the connection if they disconnected and then tried to re connect.

    Maybe FreeRADIUS isn't the solution.