Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Create a firewall

    Firewalling
    3
    8
    2.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bainwave
      last edited by

      Hi all,
      Thanks for your support in my previous post.
      With the help of your support, I could able to install the pfsense.

      Now am unable to create a firewall rule.. to block some of the websites like facebook, porn etc.,
      I could able to create a alias..
      I wrote a firewall on WAN interface to block the website facebook
      but in vain.. still the site is accessible from my network.

      What wrong am doing ?

      May be a step by step is appreciable to block websites through categories, like social networking, gaming, porn, abuse, drugs (like a physical hardware box has got)….

      Thanks in advance.

      Bainwave

      1 Reply Last reply Reply Quote 0
      • pttP
        ptt Rebel Alliance
        last edited by

        If you want Block someone connected to the LAN, you must create the rule on LAN not in WAN  ( wan rules are for Block / Pass traffic from outside world to your "inside" network )

        1 Reply Last reply Reply Quote 0
        • B
          bainwave
          last edited by

          Thanks ptt for your speedy help.

          This is how am creating a rule to block facebook…. let me know where am going wrong.

          1. Firewall->LAN->+,
          2. Action -> block
            Interface -> LAN
            source -> Dev_team (My developers team ip's are assigned in the aliases)
            destination-> any
            description -> www.facebook.com

          Thanks in advance for helping..

          1 Reply Last reply Reply Quote 0
          • pttP
            ptt Rebel Alliance
            last edited by

            Do this way:

            Create an alias for facebook ( Diagnostics –> DNS Lookup )

            In your Rule:

            Action: Block

            Interface: LAN

            Protocol : TCP

            Source: Dev_team

            Destination: facebook_com  ( the created alias for facebook - see attached img )

            Description: Block Facebook for Dev Team

            And you must put this rule on top of all other "pass" rules

            Alias_FB.PNG
            Alias_FB.PNG_thumb

            1 Reply Last reply Reply Quote 0
            • B
              bainwave
              last edited by

              Hi ptt,
              once again thanks for your speedy help.

              What should I do if i need to block the social networking sites (all)
              can't I restrict my users with help of categories? like social networking, porn, drugs, abuse etc.,

              Hope am clear in asking.

              1 Reply Last reply Reply Quote 0
              • pttP
                ptt Rebel Alliance
                last edited by

                For that i think is better to use squid / squidguard, check the packages section:

                http://forum.pfsense.org/index.php/board,15.0.html

                I'm not using any of those, so, i'm sorry i cant help with that

                1 Reply Last reply Reply Quote 0
                • B
                  bainwave
                  last edited by

                  Oops,

                  bump
                  Does any body help me out in squid?

                  1 Reply Last reply Reply Quote 0
                  • N
                    naga
                    last edited by

                    @bainwave:

                    Oops,

                    bump
                    Does any body help me out in squid?

                    http://doc.pfsense.org/index.php/SquidGuard_package

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.