Firewall CP Rule (bounty varies)

  • Hey guys,

    I need a firewall rule that works something like this:

    Source IP / Source Port 80

    Destination Port 80 http:\You Have A Virus . Com

    The point of this rule is to redirect infected customers,
    or customers that did not pay their bill, to a web page.

    Why am I not using Captive Portal?

    We are using multiple VLANs and also do not want to deal with auth.

    A simple firewall rule would be awesome and more useful than Captive Portal for me.

    We are using pfSense 1.2.3, but we would like to upgrade to 2.0 by the end of the year.

    As for the bounty, let me know; I have no idea what is fair for this project.
    I also hope other WISPs out there that need this pitch in on the bounty.


  • Rebel Alliance Developer Netgate

    You can already do that with NAT rules on 2.0 at least, maybe even 1.2.3.

    A couple different ways:

    • A port forward on LAN with a source of the infected PC (or an alias containing them) and a destination of "any" (not "interface address"), redirect IP would be the web server on another interface hosting the "you are infected" page, and destination/redirect port of 80.

    That would redirect any web surfing they try to do over to your "you're infected" page, and if your web server there is set to respond to any query for any page (redirect a 404 to your virus page) with the page you want, it will do exactly as you describe.

    Another way would be to run the squid proxy and with squidguard, match the infected users in an ACL, and deny access to everything, and put your "you're infected" message in the squidguard error/redirect.
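    Hand-written pf.conf rules for the port-forward approach above, added here as an illustration (not pfSense's generated ruleset or anything from the reply). Assumptions: the LAN interface is em1, the quarantined hosts live in a table named infected, and the notice web server is 192.168.2.10; all addresses are placeholders.

    ```pf
    # Interface and placeholder addresses (assumed; change to match your site).
    lan_if = "em1"
    notice_srv = "192.168.2.10"

    # Table of quarantined hosts, the equivalent of the alias in the GUI.
    # "persist" keeps the table alive even when it is emptied, so hosts can be
    # added and removed at runtime with pfctl without reloading the ruleset.
    table <infected> persist { 192.168.1.50, 192.168.1.77 }

    # Redirect outbound HTTP from quarantined hosts, whatever site they asked for
    # (destination "any", not "interface address"), to the notice server.
    rdr on $lan_if proto tcp from <infected> to any port 80 -> $notice_srv port 80

    # Filter rules see the translated destination, so pass the redirected flow.
    # DNS must stay open: the browser only opens a TCP connection once the name
    # resolves, and without that the rdr rule is never reached.
    pass in quick on $lan_if proto udp from <infected> to any port 53
    pass in quick on $lan_if proto tcp from <infected> to $notice_srv port 80

    # Everything else from quarantined hosts (HTTPS included) is dropped, so the
    # notice page is the only thing they can reach.
    block in quick on $lan_if from <infected> to any

    # Hosts that are not in the table are unaffected by the rules above.
    ```

    A host can be quarantined or released without a rule reload using `pfctl -t infected -T add 192.168.1.99` and `pfctl -t infected -T delete 192.168.1.99`; the notice server still has to serve the notice page for every Host header it receives, as the reply describes.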

  • I'm not seeing a redirect IP option in 1.2.3.

    Is that an option in 2.0?

    Sorry for my stupidity.

    And thanks  ;D

  • Rebel Alliance Developer Netgate

    It's just a port forward. Firewall > NAT.

  • There is no destination/redirect
    there in 1.2.3. If I'm missing something,
    or someone already posted on this, please point me in the right way.
    I have searched for months and have not found anything.


  • Rebel Alliance Developer Netgate

    Yeah, the source address option is 2.0 only; I forgot when that was added.

  • OK, thanks… looks like we need to upgrade  ???  :'( scary


  • Rebel Alliance Developer Netgate

    We're about to release RC2. Use a current snapshot, it's not so scary.

  • Bit off topic, but does pfSense: The Definitive Guide apply to pfSense 2.0?

  • Rebel Alliance Developer Netgate

    Vaguely, it mentions 2.0 in various places and what things were known to be different at the time. We will be writing another book based on 2.0 in the near future.
