Name resolution in firewall rules

  • Hello,

    I'm actually looking at pfSense to build a redundant firewall for my corporation.

    But I have one big problem : the webGUI doesn't let me put names instead of IP adresses in the aliases or in the rules.

    Meaningwhile, I know packet filter can handle name resolution in rules.

    Does anymody have a solution ?


  • Sorry but there is no way to do this and its generally a bad idea.  But I will not go into best practices and leave it at the technical capabilities of the webConfigurator which prevent this behavior.

  • I could only see this useful in a home environment with dhcpd and dynamic addresses. Instead of assigning the mac addresses static ips you could just plug in the hostname. Setting the individual machine such as a laptop to a static ip would be a hassle when moving from locations with it.

    Regardless I agree with sullrich on this. However I could see a reverse lookup display of the hostname useful as I tend to put the hostname of the machine in the description to jog my memory.

  • I guess this would be for blocking myspace or something. The only problem is they have ~7 ip addresses.
    Keep people honest at work huh …  ::)

Log in to reply