• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Create a firewall

Scheduled Pinned Locked Moved Firewalling
8 Posts 3 Posters 2.8k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    bainwave
    last edited by Oct 23, 2011, 5:05 AM

    Hi all,
    Thanks for your support in my previous post.
    With the help of your support, I could able to install the pfsense.

    Now am unable to create a firewall rule.. to block some of the websites like facebook, porn etc.,
    I could able to create a alias..
    I wrote a firewall on WAN interface to block the website facebook
    but in vain.. still the site is accessible from my network.

    What wrong am doing ?

    May be a step by step is appreciable to block websites through categories, like social networking, gaming, porn, abuse, drugs (like a physical hardware box has got)….

    Thanks in advance.

    Bainwave

    1 Reply Last reply Reply Quote 0
    • P
      ptt Rebel Alliance
      last edited by Oct 23, 2011, 2:04 PM

      If you want Block someone connected to the LAN, you must create the rule on LAN not in WAN  ( wan rules are for Block / Pass traffic from outside world to your "inside" network )

      1 Reply Last reply Reply Quote 0
      • B
        bainwave
        last edited by Oct 23, 2011, 2:27 PM

        Thanks ptt for your speedy help.

        This is how am creating a rule to block facebook…. let me know where am going wrong.

        1. Firewall->LAN->+,
        2. Action -> block
          Interface -> LAN
          source -> Dev_team (My developers team ip's are assigned in the aliases)
          destination-> any
          description -> www.facebook.com

        Thanks in advance for helping..

        1 Reply Last reply Reply Quote 0
        • P
          ptt Rebel Alliance
          last edited by Oct 23, 2011, 2:40 PM Oct 23, 2011, 2:38 PM

          Do this way:

          Create an alias for facebook ( Diagnostics –> DNS Lookup )

          In your Rule:

          Action: Block

          Interface: LAN

          Protocol : TCP

          Source: Dev_team

          Destination: facebook_com  ( the created alias for facebook - see attached img )

          Description: Block Facebook for Dev Team

          And you must put this rule on top of all other "pass" rules

          Alias_FB.PNG
          Alias_FB.PNG_thumb

          1 Reply Last reply Reply Quote 0
          • B
            bainwave
            last edited by Oct 23, 2011, 3:58 PM

            Hi ptt,
            once again thanks for your speedy help.

            What should I do if i need to block the social networking sites (all)
            can't I restrict my users with help of categories? like social networking, porn, drugs, abuse etc.,

            Hope am clear in asking.

            1 Reply Last reply Reply Quote 0
            • P
              ptt Rebel Alliance
              last edited by Oct 23, 2011, 4:02 PM

              For that i think is better to use squid / squidguard, check the packages section:

              http://forum.pfsense.org/index.php/board,15.0.html

              I'm not using any of those, so, i'm sorry i cant help with that

              1 Reply Last reply Reply Quote 0
              • B
                bainwave
                last edited by Oct 23, 2011, 4:06 PM

                Oops,

                bump
                Does any body help me out in squid?

                1 Reply Last reply Reply Quote 0
                • N
                  naga
                  last edited by Oct 28, 2011, 12:14 AM

                  @bainwave:

                  Oops,

                  bump
                  Does any body help me out in squid?

                  http://doc.pfsense.org/index.php/SquidGuard_package

                  1 Reply Last reply Reply Quote 0
                  8 out of 8
                  • First post
                    8/8
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                    This community forum collects and processes your personal information.
                    consent.not_received