Content Filtering while bridged

Category: pfSense Packages (5 posts, 3 posters, 2.7k views)
EinsteinTaylor wrote:

Greetings,
I'm hoping someone can point me in the right direction here. I have pfSense (full, not embedded) installed on a machine here, acting as a transparent bridge. That is all working wonderfully…perhaps too well, as it has exposed a couple of users who are abusing the bandwidth. I'm looking to be able to do content filtering on our bridge. I was hopeful that Snort would do what I wanted, but found out that it doesn't work in a bridged environment. I have a user who is streaming music, and we want to squash that right away, as well as put other content-filter rules in. I am able to make firewall rules to block things, but every time he changes channels/servers/etc... the IPs change.

Are there any other packages or techniques that will work over a bridge and allow me to do content filtering?

All help is greatly appreciated.

Thanks

GruensFroeschli wrote:

You won't have much luck on that if you want to keep the bridge.

But couldn't you try to restrict access to the internet a bit?
Like block everything and only allow access to port 80 (http), 110 (pop), 53 (dns), etc.

We do what we must, because we can.

Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html
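As an added illustration of the port allow-listing suggested above (not code from this thread or from pfSense itself): the equivalent pf ruleset for a transparent bridge, in the syntax pfSense generates behind its GUI. The interface names em0/em1, the bridge device bridge0 and the 10.0.0.0/24 client network are assumptions.

```pf
# Added example, not from the thread: default-deny ruleset for a pf transparent
# bridge that allows only DNS, HTTP and POP3 out from the client network.
# em0 (inside), em1 (outside), bridge0 and 10.0.0.0/24 are assumed values.
lan_if  = "em0"
wan_if  = "em1"
lan_net = "10.0.0.0/24"

# Filter on the member interfaces only, so each packet is evaluated once
set skip on bridge0

# Default deny in both directions; log so blocked streams show up in pflog
block log all

# Clients may reach DNS (tcp/udp 53), HTTP (tcp 80) and POP3 (tcp 110) only.
# keep state lets the replies return without explicit inbound rules.
pass in  quick on $lan_if proto { tcp udp } from $lan_net to any port 53 keep state
pass in  quick on $lan_if proto tcp from $lan_net to any port { 80 110 } keep state
pass out quick on $wan_if proto { tcp udp } from $lan_net to any port 53 keep state
pass out quick on $wan_if proto tcp from $lan_net to any port { 80 110 } keep state
```

This restricts ports, not content: a stream carried over TCP/80 still passes, which is why a port allow-list is a coarse substitute for a content-aware filter. Reviewing pflog for the blocked entries shows which applications the allow-list broke before widening it.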
EinsteinTaylor wrote:

Thanks for the reply…

The bridge is a temporary thing until we replace our PIX boxes later this year. The PIXes were put in way before my time, and by someone who has obviously never actually managed a network, so this is just a band-aid until then.

I'm really hoping to get away from commercial firewalls altogether, but the main draw of Cisco-branded things is our users that use the Cisco VPN Client. I will try your suggestion of tightening things up some, but that introduces problems of its own due to the multitude of things we have to support, i.e. terminal emulators, etc.

GruensFroeschli wrote:

Or do it the other way around.
It shouldn't be too hard to find out on what ports these music servers stream their data and just block this port as source.
hoba wrote:

I hate to say it, but for content filtering in transparent mode you might want to look at http://www.untangle.com/ to do this particular job.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.