Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    Introducing Netgate Nexus: Multi-Instance Management at Your Fingertips.

    Howto to block all traffic to the internet except 5 web address

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      browndawg74
      last edited by

      Can I block all traffic except for 5 web address.  I need to block all internet access.

      1 Reply Last reply Reply Quote 0
      • Cry HavokC Offline
        Cry Havok
        last edited by

        Yes.

        You'd want to block all outbound access from the LAN (to the WAN) by default. Then you'll need to install a proxy server (such as Squid - see the Packages section of the forum) and configure it to allow only those 5 domains. Your firewall rules will need to allow access from the LAN to the pfSense LAN interface (you can optionally lock this down to just the required services).

        The simplest way of doing that will be to create a new rule allowing traffic with the source of the LAN subnet and a destination of the LAN interface, then disable the default allow all rule. At that point no host on the LAN will be able to directly reach the Internet. You'll need to create additional rules to allow any other required services.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.