Blocking Rule with Aliases and Schedule
-
Please read up on the notes of the schedules. These rules work a bit differently:
When working with pfSense based schedules, the logic is a bit different from the normal pfSense rules.
For example, the rules are evaluated from top to bottom.
If you have a pass rule and the rule is outside of the schedule, the traffic will be BLOCKED regardless
of pass rules that occur after this rule.
In these cases you will want to change the pass rule to a block style rule to get the needed functionality.
-
dotdash:
LAN and WAN are not bridged.
hoba:
That's what I was thinking.
I've attached the output from the pfctl -sa.
Would you mind taking a look see at it?
[pfctl -sa.txt](/public/imported_attachments/1/pfctl -sa.txt)
-
What do you need the rule at interface WAN for? Delete it.
-
Removed WAN rule per Hoba's direction.
Applied changes.
Cleared States Tables.
Restricted user(s) still able to access blocked site.
I am not using DNS Server in pfSense, I'm using DNS servers from ISP at each computer.
Will this affect name (IP) resolution in this instance?
I can/will enable pfSense DNS, if so directed.
-
They are probably hitting some IPs that are not in your alias. I would first test this rule with some special IP and try to surf to that IP not using DNS.
-
Are you running squid in transparent mode?
-
mrsense,
I am running Squid in transparent mode.
I am also looking into the SquidGuard package.
I did try a rule to block a single IP website that I found without using the schedule or aliases and it still did not block the site.
In the States log it was redirecting to 127.0.0.0:80, but was still visible.
-
Transparent proxy is causing the problem. I was running into a similar issue and I was told that traffic from local daemons, like squid, is left unfiltered and cannot be filtered without changing pfSense.
See this post:
http://forum.pfsense.org/index.php/topic,6617.msg37805.html#msg37805
-
Please read up on the notes of the schedules. These rules work a bit differently:
When working with pfSense based schedules, the logic is a bit different from the normal pfSense rules.
For example, the rules are evaluated from top to bottom.
If you have a pass rule and the rule is outside of the schedule, the traffic will be BLOCKED regardless
of pass rules that occur after this rule.
In these cases you will want to change the pass rule to a block style rule to get the needed functionality.
I have a blocking rule that blocks YouTube and other video websites; now I want that blocking rule to apply for a specific time. I don't know if the blocking rule is not working or has bugs, but I have tried all of the possible combinations of pass and block rule with this schedule. Can you help me and all of the others who want a step-by-step how-to on whether this schedule logic is working? Thanks
-
For me the Release 1.2 version runs with the schedules as it should.
First, do you have a 1.2 version? Place a schedule time on a firewall rule and then download your config.xml and check if you have all needed cron items.
Further information: http://forum.pfsense.org/index.php/topic,5838.msg42769.html#msg42769
Regards
Heiko