How to manage hundreds of rules?



  • Hi list,

    I'm new to pfsense and quite happy with it. I have the current version (2.0-RC3 (amd64)
    built on Wed Jul 20 00:08:53 EDT 2011). But for now I wonder how I'll manage a huge amount of rules later on. Let's say I have 500 rules and I need to modify one single host. Do I need to browse 25 pages or so in order to find one entry?

    Thank you and greetings,

    senseless



  • In my experience you usually can reduce the number of rules drastically by clever use of aliases.



  • Thx, but then I would have loads of hosts in an alias (i.e. https), right? Well, besides I could search the page with ctrl+F  8)

    Cheers,

    senseless



  • You can create aliases of hosts and ports.

    If you create three allow rules for one host, for example DNS (53), HTTP (80) and HTTPS (443), then create an alias for these three ports and then just create one firewall rule.

    Further, you could put aliases into another alias.



  • Ah, I get an idea of it. But what would I do if I need to know the rules concerning one single host among 500?



  • If you move your mouse over the alias you can see what is in this alias.

    But I know what you mean if there is a rule for host A on position 20, 135, 222, 375 and finally 476.

    But I think this will be up to you to "sort" the rules a little bit (if moving the rules doesn't affect their job).
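The lookup the thread is asking for (which of hundreds of rules touch host A, including through nested aliases) can be scripted against a pfSense config backup. The following is an added example, not code from the thread or from pfSense; the sample XML is constructed in the shape of pfSense's config.xml (`aliases/alias` with space-separated `address` members, `filter/rule` with `source`/`destination` blocks), and that element layout is an assumption to check against your own backup.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on a pfSense config.xml backup (assumed layout):
# three aliases (one port alias, one host alias nested inside another) and three rules.
SAMPLE_CONFIG = """<pfsense>
  <aliases>
    <alias><name>web_ports</name><type>port</type><address>53 80 443</address></alias>
    <alias><name>dmz_web</name><type>host</type><address>10.0.1.10 10.0.1.11</address></alias>
    <alias><name>all_servers</name><type>host</type><address>dmz_web 10.0.2.5</address></alias>
  </aliases>
  <filter>
    <rule><interface>lan</interface><source><any/></source>
      <destination><address>dmz_web</address><port>web_ports</port></destination></rule>
    <rule><interface>lan</interface><source><address>10.0.2.5</address></source>
      <destination><any/></destination></rule>
    <rule><interface>wan</interface><source><any/></source>
      <destination><address>all_servers</address><port>22</port></destination></rule>
  </filter>
</pfsense>"""

def load_aliases(root):
    """Map alias name -> raw member list (IPs, networks, ports or other alias names)."""
    return {a.findtext("name"): a.findtext("address", "").split()
            for a in root.iter("alias")}

def expand(value, aliases, seen=None):
    """Recursively flatten an address or alias name into its set of literal members."""
    seen = set() if seen is None else seen
    if value not in aliases:
        return {value}
    if value in seen:          # guard against an alias that refers back to itself
        return set()
    seen.add(value)
    out = set()
    for member in aliases[value]:
        out |= expand(member, aliases, seen)
    return out

def rules_for_host(xml_text, host):
    """Return (position, interface, side) for every filter rule whose src/dst resolves to host."""
    root = ET.fromstring(xml_text)
    aliases = load_aliases(root)
    hits = []
    for pos, rule in enumerate(root.findall("filter/rule"), start=1):
        for side in ("source", "destination"):
            addr = rule.findtext(f"{side}/address")   # None for <any/>
            if addr and host in expand(addr, aliases):
                hits.append((pos, rule.findtext("interface"), side))
    return hits
```

Run `rules_for_host(open("config.xml").read(), "10.0.1.10")` against a real backup to list the positions to visit instead of paging through the GUI; port aliases are resolved the same way by `expand`.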



  • Thank you. I'll play around with it anyway and see how to organise rules and stuff.

    Cheers,

    senseless



  • If you have hundreds of rules on any firewall, you're most likely not doing things optimally. I have seen some so complex and wide ranging that hundreds or more rules are required, but it's very rare, maybe one in every 500 systems I'm on. Lots of good coverage on the usage of aliases and in general keeping your rules as manageable as possible in http://pfsense.org/book

