• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Howto to block all traffic to the internet except 5 web address

Scheduled Pinned Locked Moved Firewalling
2 Posts 2 Posters 1.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    browndawg74
    last edited by Mar 31, 2013, 11:39 PM

    Can I block all traffic except for 5 web address.  I need to block all internet access.

    1 Reply Last reply Reply Quote 0
    • C
      Cry Havok
      last edited by Apr 1, 2013, 9:05 AM

      Yes.

      You'd want to block all outbound access from the LAN (to the WAN) by default. Then you'll need to install a proxy server (such as Squid - see the Packages section of the forum) and configure it to allow only those 5 domains. Your firewall rules will need to allow access from the LAN to the pfSense LAN interface (you can optionally lock this down to just the required services).

      The simplest way of doing that will be to create a new rule allowing traffic with the source of the LAN subnet and a destination of the LAN interface, then disable the default allow all rule. At that point no host on the LAN will be able to directly reach the Internet. You'll need to create additional rules to allow any other required services.

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received