4. Run in stateless mode

Run in stateless mode

  • C

    Ok, before I get berated for wanting stateless mode, I'll go ahead and justify why: this is a university (aka- educational) environment. We're looking to leverage pfSense for educating our students in: basic firewalls, stateful/stateless firewalls, NAT, and <if possible="">snort/IDS. This also saves us the cost of purchasing 100 <insert brand="" of="" commercial="" box="">firewalls.
    The snort bit looks like it'll be tough for pfSense, we want our kids to write their own rules but alas, that's for another post.

    Anyway, I've been looking around, can pfSense operate in a stateless mode?</insert></if>

    0
  • Rebel Alliance Developer Netgate

    If you add a bunch of rules with the "State Type" set to "none" then yeah.

    Normal rules will be stateful, and there is always a default deny, but you can add the rules and change the "State Type" to "none" then it will do what you want.

    0
  • C

    Wow, talk about over complication on my part; we'll preconfigure their boxes with some of our own 'default rules,' do a couple SYN flood labs and such, then delve into stateful firewalls. Thanks!

    0
  • Rebel Alliance Developer Netgate

    It's easy to overlook since it's hidden behind a button (which is good since 99% of people will never need to touch that option, but it's handy for those that do!) :-)

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy