Mastering pfSense - Second Edition

By: David Zientara

Overview of this book

pfSense has the same reliability and stability as even the most popular commercial firewall offerings on the market – but, like the very best open-source software, it doesn’t limit you. You’re in control – you can exploit and customize pfSense around your security needs. Mastering pfSense - Second Edition covers features that have long been part of pfSense, such as captive portal, VLANs, traffic shaping, VPNs, load balancing, Common Address Redundancy Protocol (CARP), multi-WAN, and routing. It also covers features that have been added with the release of 2.4, such as support for ZFS partitions and OpenVPN 2.4. This book takes into account the fact that, in order to support increased cryptographic loads, pfSense version 2.5 will require a CPU that supports AES-NI. The second edition of this book places more of an emphasis on the practical side of utilizing pfSense than the previous edition, and, as a result, more examples are provided which show in step-by-step fashion how to implement many features.

Creating and editing firewall rules

Now that we have covered some basic firewall principles, we can begin our firewall configuration with the following steps:

  1. To create and/or edit firewall rules, log in to pfSense and navigate to Firewall | Rules. This should present you with a list of interfaces across the top of the page; you can see the ruleset for each interface by clicking on its name (initially, you will see the ruleset for the WAN interface, as shown):
  2. Usually, we will click on the tab for the interface for which we want to create/edit rules, although this is technically unnecessary, since we can create rules for any interface from any tab—the rule edit page provides an Interface drop-down box that allows us to choose the interface to which the rule applies.
  3. Click on the interface for which you want to add a rule and use one of the two Add buttons at the...