Some Basic Missing Features



  • First off all congragualte the Pfsense Team on a Such nice usefull effort

    i have study the product in details and found some very basic firewall Ruless

    1 Ip address range Blocking eg 192.168.0.1 to 192.168.0.50

    2 Mac base  Rules

    3 Allow only(given) Mac and or Block Given mac or Ip Address range or allow all not in give mac or ip address ranges

    Best Regard

    Wasim Sarwar



  • For ranges you can use aliases (create a network alias that sums up most of the range and then add the missing single IPs with a /32 subnetmask).

    Macadress filtering is not implemented and won't be in the near future I think.



  • I would look it Captive portal to control user access



  • Captive portal is an option, but you can't open only single ports this way for example. The static ARP option at the DHCP-Server page might help for what he wants to do but then he has to enter all MACs for all his clients. He then can add the firewallrules per IPs again as they are mapped statically to a corresponding MAC.



  • yes u r right aliasing solve the porblem

    using dhcp is not a sloution

    IS captive portal is used with out wifi network means with wired clients ??



  • 1 more thing

    How To manualy Edit SQuid.conf file ??



  • @wasim081:

    yes u r right aliasing solve the porblem

    using dhcp is not a sloution

    IS captive portal is used with out wifi network means with wired clients ??

    You can use the captive portal for wired clients as well, yes. It's not a wireless only option.



  • @wasim081:

    1 more thing

    How To manualy Edit SQuid.conf file ??

    This is off topic, please open a new thread for new topics.

    Editing conf files in pfsense is never a good idea as nearly all of them are generated from the config.xml on bootup or are regenrated on changing settings. Your changes will be overwritten sooner or later this way.



  • a bit off topic :)

    A enhancement could be when you add a user in CP there would be a alias option

    flow would be like this

    user logs in -> alias gets updated with current ip


Log in to reply