Near Realtime Connection Blocking?



  • Hello,

    I'm new to the forum and to pfsense. I am looking to build a pfsense unit that will sit between my Xbox and a Fortinet 60B that hopefully will be able to do the following things:

    1. Act as a transparent bridge able to see Xbox IP's incoming to games I host.
    2. Dispaly realtime connection information between the Xbox and the incoming Xbox IP's.
    3. Display realtime bandwidth information per IP.
    4. Ability to restrict bandwidth per inbound IP.
    5. Ability to quickly block inbound connections per IP based upon the connection / bandwidth info.

    My objective is to block cheaters from matches I host. Is pfsense able to accomplish this? Thanks.



  • Hello,

    After thinking about this a little further it looks like a big step to this is being able to block single / ranges of IP addresses, the only thing left to find out is if the TCP / UDP info and bandwidth information can be displayed and if there is a mechanism to block that IP(s) from that screen quickly. Thanks.



  • Hello,

    If this is something not possible today is it something that could be implemented with sufficient compensation? Thanks.



  • There are a few packages that track bandwidth. Bandwidthd, darkstat, and rate come to mind. I don't think any of these have any way to block the IP from that page. You would have to enter the IP you wish to block into the firewall settings. Or have an Alias already set up and a rule set to block that alias, then you would just add that IP to the alias list and it would get blocked.

    I don't think there is a package that will do all of these things in one easy step though. If you want something like that I would suggest checking out the bounty forum.



  • Hello focalguy,

    Thanks for the info. I was hoping to get an idea what amount of compensation the developer had in mind to implement something like this, but I guess this is more like post an amount and see if someone bites. I'm now getting a quote from a commercial firewall manufacturer to implement this solution, which is actually what I prefer in terms of what is expected on the pricing front, as opposed to trying to guess what to post in a bounty that may or may not be picked up. If there is an alternate way to get this implemented with PFSense I'm interested. Thanks.


Log in to reply