Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Blocking interface by time [solved]

    Firewalling
    4
    8
    1588
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pcbosrders last edited by

      i have a pfsense  box up and running and so far things are working the right way

      question i have is there a way to block a interface by time

      EG: have a kidssubnet and i want to have control when they can go on the Internet
           say after school and after supper say between 4pm and 7pm and on weekends
           after lunch time until 2pm

      is this possible ?

      1 Reply Last reply Reply Quote 0
      • M
        Metu69salemi last edited by

        yes and no

        You can define schedule and you can schedule rules. and if you schedule every single rule on kidssubnet you should achieve what you desire

        1 Reply Last reply Reply Quote 0
        • J
          johan.helin last edited by

          couldn't you just schedule a block all to all rule to activate when the kids should be locked out and putt it first on the list?

          1 Reply Last reply Reply Quote 0
          • N
            Nachtfalke last edited by

            @johan.helin:

            couldn't you just schedule a block all to all rule to activate when the kids should be locked out and putt it first on the list?

            This sounds good.

            Create a BLOCK any to any rule on top of all other rules you created and then shedule this rule. SO you will be flexible with your other rules if you only want to allow some ports/ips and not in general any.

            1 Reply Last reply Reply Quote 0
            • J
              johan.helin last edited by

              Like this:


              1 Reply Last reply Reply Quote 0
              • M
                Metu69salemi last edited by

                yes like that

                1 Reply Last reply Reply Quote 0
                • N
                  Nachtfalke last edited by

                  @johan.helin:

                  Like this:

                  Yes, thats correct.
                  But I think I found a little missconfiguration on your second rule with destination port "80 - 443". I am not sure but I think you only want to block webGUI access on port 80 (http) or port 443 (https). But what your rule does is blocking the port range from 80 to 443.

                  Better create an Port-Alias with port 80,443 and 22 (ssh) and then put this alias as "Destination port" in your firewall rule.

                  1 Reply Last reply Reply Quote 0
                  • P
                    pcbosrders last edited by

                    thanks ;D that is what i want.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post

                    Products

                    • Platform Overview
                    • TNSR
                    • pfSense
                    • Appliances

                    Services

                    • Training
                    • Professional Services

                    Support

                    • Subscription Plans
                    • Contact Support
                    • Product Lifecycle
                    • Documentation

                    News

                    • Media Coverage
                    • Press
                    • Events

                    Resources

                    • Blog
                    • FAQ
                    • Find a Partner
                    • Resource Library
                    • Security Information

                    Company

                    • About Us
                    • Careers
                    • Partners
                    • Contact Us
                    • Legal
                    Our Mission

                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                    Subscribe to our Newsletter

                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                    © 2021 Rubicon Communications, LLC | Privacy Policy