Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Firewall rules whit more than one source and no alias

    General pfSense Questions
    2
    3
    754
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Remi38 last edited by

      Hello,

      I am curentely begin install a pfsense firwall in my enterprise.
      We have a lot of rules and I would like to make some rules whit multi alias without making an alias of an alias …

      Like this :
      FROM : (ALIAS1 & ALIAS2 & ALIAS3), TO: (ALIAS5 & ALIAS6), ALLOW TCP (PORT_ALIAS1)

      Thanks

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis last edited by

        I guess you have 6 rules for this now:
        FROM : (ALIAS1), TO: (ALIAS5), ALLOW TCP (PORT_ALIAS1)
        FROM : (ALIAS1), TO: (ALIAS6), ALLOW TCP (PORT_ALIAS1)
        FROM : (ALIAS2), TO: (ALIAS5), ALLOW TCP (PORT_ALIAS1)
        FROM : (ALIAS2), TO: (ALIAS6), ALLOW TCP (PORT_ALIAS1)
        FROM : (ALIAS3), TO: (ALIAS5), ALLOW TCP (PORT_ALIAS1)
        FROM : (ALIAS3), TO: (ALIAS6), ALLOW TCP (PORT_ALIAS1)

        As far as I am aware, you can only put 1 alias in each source/destination field of a rule. So you need to make an aliases that contain other aliases. That works, and I would hhave thought with some good naming conventions for your aliases it should make the rule list readable by mere mortals.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • R
          Remi38 last edited by

          OK, that's why I thought. This is a regression before our previous FW but all other stuff on pfsense make this nothing.

          Thanks you.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy