4. Block all traffic

Block all traffic

  • B

    Is there an easy way to simply block all traffic and only allow a few sites? Everything I see seems to do more filtering than I need.

    0
  • J

    Ns lookup all the sites that you want , create aliases for them , add rules to firewall to allow aliases,
    Add deny all rule at the and

    0
  • J

    I forgot , in 2.1 and up I think you can create aliases from URLs
    So do as above , but aliases referencing to the sites, add rules as above…

    0
  • M

    @bjm3805:

    Is there an easy way to simply block all traffic and only allow a few sites?

    The short answer is yes:
    Assuming you have a default configuration with only two active interfaces… Create LAN rules to allow the sites you want and then disable the "Default allow LAN to any rule" on the LAN interface. (I highly recommend that before you do this, you ensure the anti-lockout rule is enabled at System: Advanced: Admin Access: be sure that  "Disable webConfigurator anti-lockout rule" is not checked.) NOTE: I am assuming you want to block outbound from the LAN and not pfSense's outbound which would require floating rules.

    Just for some clarification:

    Are you asking how to restrict outbound traffic? (The default for pfSense is to block all inbound traffic already and allow all outbound traffic. )

    What do you mean by "sites", IP address(es) like "192.168.1.1", or websites like "www.google.com"?

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy