Create a firewall



  • Hi all,
    Thanks for your support in my previous post.
    With the help of your support, I could able to install the pfsense.

    Now am unable to create a firewall rule.. to block some of the websites like facebook, porn etc.,
    I could able to create a alias..
    I wrote a firewall on WAN interface to block the website facebook
    but in vain.. still the site is accessible from my network.

    What wrong am doing ?

    May be a step by step is appreciable to block websites through categories, like social networking, gaming, porn, abuse, drugs (like a physical hardware box has got)….

    Thanks in advance.

    Bainwave


  • Rebel Alliance

    If you want Block someone connected to the LAN, you must create the rule on LAN not in WAN  ( wan rules are for Block / Pass traffic from outside world to your "inside" network )



  • Thanks ptt for your speedy help.

    This is how am creating a rule to block facebook…. let me know where am going wrong.

    1. Firewall->LAN->+,
    2. Action -> block
      Interface -> LAN
      source -> Dev_team (My developers team ip's are assigned in the aliases)
      destination-> any
      description -> www.facebook.com

    Thanks in advance for helping..


  • Rebel Alliance

    Do this way:

    Create an alias for facebook ( Diagnostics –> DNS Lookup )

    In your Rule:

    Action: Block

    Interface: LAN

    Protocol : TCP

    Source: Dev_team

    Destination: facebook_com  ( the created alias for facebook - see attached img )

    Description: Block Facebook for Dev Team

    And you must put this rule on top of all other "pass" rules




  • Hi ptt,
    once again thanks for your speedy help.

    What should I do if i need to block the social networking sites (all)
    can't I restrict my users with help of categories? like social networking, porn, drugs, abuse etc.,

    Hope am clear in asking.


  • Rebel Alliance

    For that i think is better to use squid / squidguard, check the packages section:

    http://forum.pfsense.org/index.php/board,15.0.html

    I'm not using any of those, so, i'm sorry i cant help with that



  • Oops,

    bump
    Does any body help me out in squid?



  • @bainwave:

    Oops,

    bump
    Does any body help me out in squid?

    http://doc.pfsense.org/index.php/SquidGuard_package


Log in to reply