Newbie to pFSense - Alias for all traffic external
Does anyone know how to make an alias for all traffic deemed "external"?
Does anyone know if this is even possible?
I use watchguard firewalls pretty exclusively and they have an any-external filter that I'd like to replicate for ease of use for our other admins. Would like to see if anyone had any idea's on how to make this work.
sure … you can make an alias call external and set a network up to be 0.0.0.0/0. If the gui will allow it. In pfSense, we just use "any" to denote internet (public and private).
0.0.0.0/0 isn't very acurate.
maybe make an alias for everything internal (RFC1819, maybe reserved address space, …) and do a negative match on that?
For the rule you would select that alias, but select the "not" tick box?
You can do that … works almost the same way only slightly better as it exclude private, but so does the default blocks on WAN. Alias and rules only allow /1 as the smallest. So you can do an alias called everything or what ever and add to ranges 0.0.0.0/1 and 18.104.22.168/1.
Really, just use "any" as it is the same thing. wait .. negative match on 255.255.255.255/32? :-D