Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    How to blk acces to the internet?

    Firewalling
    3
    5
    2045
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rtr1900 last edited by

      Hi,

      I am not sure if  should post this here.
      I need to know how it is possible to block access to:

      1. Full internet
      2. Fulle internet, except some pages
      3. Chat programs

      Please, can you explain it in a simple way. Cause I don´t understand how to do it….

      Regards,

      Johny

      1 Reply Last reply Reply Quote 0
      • Y
        yoda715 last edited by

        Well, assuming that you are referring to traffic originating from your LAN segment destined outbound, you would simply create firewall rules in the LAN segment explicitly denying all traffic from your LAN IPs (or any IP) destined to any. This applies to chat programs to.

        Restricting access to only certain websites gets a bit trickier. I would create rules to deny traffic to all, and then create an allow traffic to certain IP with a higher priority than that deny rule.

        1 Reply Last reply Reply Quote 0
        • R
          rtr1900 last edited by

          Thx.

          So if I get it right it isn´t possible to make for every user a rule of which pages he can or can not access?

          It is that in the company almost every user can access only some sites and mostly they are different (departments sales, comercial, buying, stock,…)
          For example:
          Adminsitration: only access to the banks
          Stock: Only access to the providers
          Sales: Only access to Google, and some other sites
          etc... ...

          Thx,

          David

          1 Reply Last reply Reply Quote 0
          • S
            sai last edited by

            restricting websites is best done using something like Squid - you can maybe use the package in pfSense for this.

            there are some useful threads here:  http://forum.pfsense.org/index.php/board,15.0.html

            1 Reply Last reply Reply Quote 0
            • R
              rtr1900 last edited by

              Thx Sai,

              yes indeed about Squid. I am getting into that.
              I managed already to make a filter and add some IPs to it.

              Now my next object is to create for every user a filter.
              I have this in Squid.inc:

              acl semirestricted_hosts src "/var/squid/acl/semirestricted_hosts.acl"
              acl semirestrictedlist dstdom_regex -i "/var/squid/acl/semiwhite.acl"

              Now, should I just add two more lines to create another filter?

              Thx,

              David

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy