Separate games and internet in two ISP and to avoid downloading

  • please help me how to separate games and internet in two ISP and how to avaoid downloading torrent

  • Netgate Administrator

    How are these divided on your LAN?
    If the games are known you can set firewall rules to catch traffic for whatever ports they use. If the clients are known you can similar.
    You can approach this from the other direction. How are you defining 'internet'? If you primarily mean web traffic then it's easy to send all web traffic via one ISP and everything else via the other.


  • Whats your setup like and what exactly are you trying to achieve?

    For example do you have a setup like this?
    1 Wan to ISP A
    1 OPT1 to ISP B
    1 Lan to a number of devices like games consoles, computers, tablets, phones via wifi and ethernet?

    Is one of the ISP's a mobile data provider? If so these networks work differently compared to normal net access due to the way the mobile phone system traffic management works, its more burst like, unlike normal net access which is more continuous and consistent in the transmission of data. This would make sending games console data out over mobile not so good and something to avoid.

    Some of the fancy things you can do with pfsense is have your games console traffic come in over wan, but send the games console data out over Opt1 (ISP B). Any fixed ip's in use and need to be used?

    Likewise you could route some traffic to use Wan and other traffic to use OPT1. You can load balance, traffic shape, plus lots lots more.

    If you know the games consoles mac id's then you can assign it a fixed ip address (Services, DHCP Server assuming you are using a pfsense dhcp server).

    Then you can add some rules (Firewall, Rules, Lan tab), that sends the games consoles SOURCE ip address traffic to the WAN net Destination or OPT1 destination.

    If you have many games consoles, consider creating an alias (Firewall, Alias) and add a new alias called Games Console, and add the HOSTS fixed IP addresses. Then back in the lan firewall rule from above, change t he SOURCE ip address to the alias, then the same rule will apply to all the ip addresses listed in the alias.

    Do you need to restrict access to between certain hours for these games consoles? If so in the lan firewall rule from above edit the rule and choose a schedule from the drop down list. To create a schedule like no internet access after 10pm mon to fri, go into Firewall, Schedule, add a new schedule, name it, select the weekday headers Mon through to Fri and then set the time 6am to 22pm. This will make the rule work only mon to friday 6am to 22pm. If you want to allow different access on a Sat & Sun, edit the schedule and add Sat & Sun plus the couple hours missing Friday night and restricting access from 22pm Sunday night.

    To have all other devices use the other net access, create a lan rule which NOT allows the alias group access to the wan or opt1 net Destination connection.

    Dont know if the above is useful or not, it depends on your network setup and what exactly you want to achieve.

Log in to reply