Blocking access to ntop



  • How to block access to LAN users 192.168.1.0 (except 192.168.1.11)  to ntop 192.168.1.1:3000. For example: I can use ntop but other users can't. How to do it?



  • block, tcp, source NOT <allowed client's="" ip="">, destination <lan ip="" of="" pfsense="">, port <ntop port="">, gateway default</ntop></lan></allowed>



  • My settings:
    But it doesnt work. Everybody has access to ntop





  • @Boguslaw:

    My settings:
    But it doesnt work. Everybody has access to ntop

    From a shell issue this command:

    cat /tmp/rules.debug |grep 3000

    And post the results.  Thanks!



  • You have to disable the antilogout rule at lan (system>advanced) which grants access to the lan IP of the pfsense. This rule is in place to make sure you don't log yourself out from the administration. Beware that disabling that rule might log you out if you have incorrect rules at LAN, so verify your settings before applying a new ruleset.


Locked