4. Run in stateless mode

Run in stateless mode

  • C

    Ok, before I get berated for wanting stateless mode, I'll go ahead and justify why: this is a university (aka- educational) environment. We're looking to leverage pfSense for educating our students in: basic firewalls, stateful/stateless firewalls, NAT, and <if possible="">snort/IDS. This also saves us the cost of purchasing 100 <insert brand="" of="" commercial="" box="">firewalls.
    The snort bit looks like it'll be tough for pfSense, we want our kids to write their own rules but alas, that's for another post.

    Anyway, I've been looking around, can pfSense operate in a stateless mode?</insert></if>

    0
  • Rebel Alliance Developer Netgate

    If you add a bunch of rules with the "State Type" set to "none" then yeah.

    Normal rules will be stateful, and there is always a default deny, but you can add the rules and change the "State Type" to "none" then it will do what you want.

    0
  • C

    Wow, talk about over complication on my part; we'll preconfigure their boxes with some of our own 'default rules,' do a couple SYN flood labs and such, then delve into stateful firewalls. Thanks!

    0
  • Rebel Alliance Developer Netgate

    It's easy to overlook since it's hidden behind a button (which is good since 99% of people will never need to touch that option, but it's handy for those that do!) :-)

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy