wiki:noc2018/agenda/PfsenseFirewall

Version 1 (modified by admin, 5 years ago)

--

Firewall

pfSense's firewall functions cover traditional firewalling, NAT, marking traffic flows, traffic shaping, time-based scheduling, and even control based on IP reputation.

Aliases

Here we can create recognizable names (placeholders) for resources such as IP addresses and port numbers. This is useful when several firewall rules refer to the same resource: if the resource changes, there is only a single location that needs to be modified.

The name of an alias can be entered instead of the host, network or port where indicated. The alias will be resolved according to the list defined. If an alias cannot be resolved (e.g. because it was deleted), the corresponding element (e.g. filter/NAT/shaper rule) will be considered invalid and skipped.

Create IP Alias

Go to Firewall > Aliases and click *+ Add*

  • Name: wwwserver
  • Description: Web Server
  • Type: Host(s)
  • IP or FQDN: 10.XY.1.1

and click Save. If you click Add, you can add multiple IP addresses under a single name.

The Type field offers several options: Hosts, Ports, Networks, or URLs to IP lists or port lists.

  • Name: wwwport
  • Description: Web Server HTTP & HTTPS ports
  • Type: Port(s)
  • Port: 80
  • Add Port
  • Port: 443

then Save and Apply.

If you select All, you will see every alias that has been created.
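Because a rule whose alias cannot be resolved is considered invalid and skipped, it is worth checking a configuration backup for rules that reference aliases that no longer exist. The following is an added example, not part of the original workshop page: the XML layout is a simplified assumption modelled on a pfSense config.xml export, the alias naming rule (letters, digits and underscore) is an assumption, and the sample config, including the `mailserver` reference and 10.0.1.1 standing in for 10.XY.1.1, is constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample, trimmed to the elements this check reads. The layout
# (aliases/alias/name, filter/rule/<side>/address|port) is an assumption
# modelled on a pfSense config.xml backup.
SAMPLE_CONFIG = """
<pfsense>
  <aliases>
    <alias><name>wwwserver</name><type>host</type><address>10.0.1.1</address></alias>
    <alias><name>wwwport</name><type>port</type><address>80 443</address></alias>
  </aliases>
  <filter>
    <rule><descr>Allow web</descr>
      <source><any/></source>
      <destination><address>wwwserver</address><port>wwwport</port></destination>
    </rule>
    <rule><descr>Allow mail</descr>
      <source><any/></source>
      <destination><address>mailserver</address><port>25</port></destination>
    </rule>
  </filter>
</pfsense>
"""

# Assumed alias syntax: letters, digits, underscore, and not purely numeric.
# IP addresses, CIDR networks, ports and port ranges never match this.
ALIAS_NAME = re.compile(r"^(?!\d+$)[A-Za-z0-9_]+$")

def unresolved_alias_refs(config_xml):
    """Return (rule description, field, name) for each reference to an undefined alias."""
    root = ET.fromstring(config_xml)
    defined = {a.findtext("name", "").strip() for a in root.iterfind("aliases/alias")}
    findings = []
    for rule in root.iterfind("filter/rule"):
        for side in ("source", "destination"):
            for field in ("address", "port"):
                value = (rule.findtext(f"{side}/{field}") or "").strip()
                if ALIAS_NAME.match(value) and value not in defined:
                    findings.append((rule.findtext("descr", ""), f"{side}/{field}", value))
    return findings

if __name__ == "__main__":
    for descr, field, name in unresolved_alias_refs(SAMPLE_CONFIG):
        print(f"rule '{descr}': {field} references undefined alias '{name}'")
```

Any rule it reports would be skipped when the ruleset is loaded, so an allow rule silently stops matching and a block rule silently stops protecting.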

Schedule

Schedules act as placeholders for time ranges to be used in firewall rules.

To create a schedule, go to Firewall > Schedules and click +Add

  • Schedule Name: Office_Hours
  • Description: Normal Office hours

NAT
