Firewall CP Rule (bounty varies)
I need A Firewall Rule that works something like this
Source IP 192.168.1.150 / Source Port 80
Destination Port 80 http:\You Have A Virus . Com
The Point of this rule is to Redirect infected customers
or Customers that did not pay there bill to a Web page
Why am I not using Captive Portal?
We are using Multi VLAN and Also Do not want to deal with Auth
A Simple Firewall rule would be awesome and more useful then Captive portal for me
We Are using Pfsense 1.2.3 but we would like to upgrade to 2.0 by the end of the year
As for the Bounty Let me know I have no idea what is fair for this Project
I also Hope other WISP’s out there that need this Pitch in on the Bounty
You can already do that with NAT rules on 2.0 at least, maybe even 1.2.3.
A couple different ways:
- A port forward on LAN with a source of the infected PC (or an alias containing them) and a destination of “any” (not “interface address”), redirect IP would be the web server on another interface hosting the “you are infected” page, and destination/redirect port of 80.
That would redirect any web surfing they try to do over to your “you’re infected” page, and if your web server there is set to respond to any query for any page (redirect a 404 to your virus page) with the page you want, it will do exactly as you describe.
Another way would be to run the squid proxy and with squidguard, match the infected users in an ACL, and deny access to everything, and put your “you’re infected” message in the squidguard error/redirect.
I’m not seeing redirect IP option in 1.2.3
is that a option in 2.0?
Sorry for my stupidity
And Thanks ;D
It’s just a port forward. Firewall > NAT.
there is no destination/redirect
there in 1.2.3 if I’m missing something
or someone already posted on this please point me in the right way
I have searched for months and have not found anything
Yeah the source address option is 2.0 only, forgot when that was added.
K thanks… looks like we need to upgrade ??? :’( scary
We’re about to release RC2. Use a current snapshot, it’s not so scary.
Bit off topic but dose the pfSense: The Definitive Guide Apply to Pfsense 2.0?
Vaguely, it mentions 2.0 in various places and what things were known to be different at the time. We will be writing another book based on 2.0 in the near future.