Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Alias configuration

    Scheduled Pinned Locked Moved Firewalling
    13 Posts 2 Posters 5.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      joebobfrank
      last edited by

      I am trying to set up one computer to access IRC but I don't want the others to have access to IRC. I thought the way to do this was to configure aliases? It just does not seem to work for me. Does anyone know how to do this?

      Also FTP does not seem to be configured right. I cannot update my FreeBSD server unless I connect to a VLAN with less strick rules. I got HTTPS, HTTP, DNS, IRC, and a Voip device configured right.

      Do you guys need screen shots of my pfSense config?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        There is not a lot of information in your post to formulate a reply or any meaningful suggestions. At the very least we need to know exactly what you have tried in terms of firewall rules, and what showed up in the firewall logs when you tried something that didn't work.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • J
          joebobfrank
          last edited by

          Here is my fire wall configuration. I should have made the images a little smaller.

          1 Reply Last reply Reply Quote 0
          • J
            joebobfrank
            last edited by

            This is the alias configuration.

            1 Reply Last reply Reply Quote 0
            • J
              joebobfrank
              last edited by

              Here are the firewall rules.

              1 Reply Last reply Reply Quote 0
              • J
                joebobfrank
                last edited by

                Jimp, I will atempt to set this up again and check the logs this time to see errors.

                @jimp:

                There is not a lot of information in your post to formulate a reply or any meaningful suggestions. At the very least we need to know exactly what you have tried in terms of firewall rules, and what showed up in the firewall logs when you tried something that didn't work.

                1 Reply Last reply Reply Quote 0
                • jimpJ
                  jimp Rebel Alliance Developer Netgate
                  last edited by

                  The "source" on the IRC rule should be set to "single host or alias" and then you type "irc_clients" into that box.

                  You just need to make sure you don't have a more permissive "pass all" rule below that, or you have a rule right below it that says to block from any to any port = 6667.

                  Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                  Need help fast? Netgate Global Support!

                  Do not Chat/PM for help!

                  1 Reply Last reply Reply Quote 0
                  • J
                    joebobfrank
                    last edited by

                    Here is the log from the firewall rules:

                    May 23 14:05:36  LAN  192.168.50.51:56577  66.184.117.12:6667  TCP:S

                    I see that the port numbers don't match from the client to router.
                    Shouldn't the client be coming from port 6667 not 56577?

                    @jimp:

                    The "source" on the IRC rule should be set to "single host or alias" and then you type "irc_clients" into that box.

                    You just need to make sure you don't have a more permissive "pass all" rule below that, or you have a rule right below it that says to block from any to any port = 6667.

                    1 Reply Last reply Reply Quote 0
                    • jimpJ
                      jimp Rebel Alliance Developer Netgate
                      last edited by

                      No.  Client source ports are randomized on every recent OS. You only want to match the destination port.

                      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                      Need help fast? Netgate Global Support!

                      Do not Chat/PM for help!

                      1 Reply Last reply Reply Quote 0
                      • J
                        joebobfrank
                        last edited by

                        I enabled the irc_clients and selected "single host or alias". Now is that for the "source" and "destination" both or just the destination?

                        Here is the whole rules screen:

                        1 Reply Last reply Reply Quote 0
                        • J
                          joebobfrank
                          last edited by

                          Here is the other screen:

                          1 Reply Last reply Reply Quote 0
                          • jimpJ
                            jimp Rebel Alliance Developer Netgate
                            last edited by

                            irc_clients is only the source. The destination is the server, mostly that should be "any" but if you want to restrict that to only a specific server, that is what would go there.

                            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                            Need help fast? Netgate Global Support!

                            Do not Chat/PM for help!

                            1 Reply Last reply Reply Quote 0
                            • J
                              joebobfrank
                              last edited by

                              It is now working!!!! Thank you so much!!!!
                              Pfsense is a great that is why I stuck with it even though it has been difficult for me.
                              I did not study computers in school but I now work in the IT field.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.