Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Howto to block all traffic to the internet except 5 web address

    Firewalling
    2
    2
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      browndawg74
      last edited by

      Can I block all traffic except for 5 web address.  I need to block all internet access.

      1 Reply Last reply Reply Quote 0
      • Cry HavokC
        Cry Havok
        last edited by

        Yes.

        You'd want to block all outbound access from the LAN (to the WAN) by default. Then you'll need to install a proxy server (such as Squid - see the Packages section of the forum) and configure it to allow only those 5 domains. Your firewall rules will need to allow access from the LAN to the pfSense LAN interface (you can optionally lock this down to just the required services).

        The simplest way of doing that will be to create a new rule allowing traffic with the source of the LAN subnet and a destination of the LAN interface, then disable the default allow all rule. At that point no host on the LAN will be able to directly reach the Internet. You'll need to create additional rules to allow any other required services.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.