F5F Stay Refreshed Power Users Networks Configure PfSense to restrict internet connectivity.

Configure PfSense to restrict internet connectivity.

Configure PfSense to restrict internet connectivity.

A
animalover2
Junior Member
Find
41
01-11-2025, 11:25 PM
#1
Hey there, I installed my new PfSense router and set up Squid and SquidGuard for filtering content, but I need to restrict a device from getting online during certain hours. I want to block just that one device without affecting the others. Do you have any suggestions on how to do this? With my previous router, I used parental controls, but PfSense doesn’t offer that feature... Thanks!
Reply
Reply
A
animalover2
01-11-2025, 11:25 PM #1

Hey there, I installed my new PfSense router and set up Squid and SquidGuard for filtering content, but I need to restrict a device from getting online during certain hours. I want to block just that one device without affecting the others. Do you have any suggestions on how to do this? With my previous router, I used parental controls, but PfSense doesn’t offer that feature... Thanks!

Reply
Reply
N
NanoFantasy
Junior Member
Find
2
01-12-2025, 03:23 AM
#2
You only require the device's MAC address.
Reply
Reply
N
NanoFantasy
01-12-2025, 03:23 AM #2

You only require the device's MAC address.

Reply
Reply
T
Turquose
Member
Find
198
01-12-2025, 05:42 AM
#3
Not always. You might only need to define a firewall rule, designating the computer's source IP and blocking all types of traffic. For extra security, especially with advanced users, a MAC filter can also be implemented.
Reply
Reply
T
Turquose
01-12-2025, 05:42 AM #3

Not always. You might only need to define a firewall rule, designating the computer's source IP and blocking all types of traffic. For extra security, especially with advanced users, a MAC filter can also be implemented.

Reply
Reply
B
Bropatrik
Junior Member
Find
23
01-12-2025, 06:53 AM
#4
Configuring access schedules requires more steps than typical consumer routers. It’s manageable, though. A helpful resource is available here: http://hometechhowto.com/how-to-set-up-a...n-pfsense/
Reply
Reply
B
Bropatrik
01-12-2025, 06:53 AM #4

Configuring access schedules requires more steps than typical consumer routers. It’s manageable, though. A helpful resource is available here: http://hometechhowto.com/how-to-set-up-a...n-pfsense/

Reply
Reply
M
Me0wt
Member
Find
93
01-12-2025, 09:04 AM
#5
It's possible the IP address might shift. Spoofing a MAC address is technically feasible, though it seems uncommon on devices that remain unjailbroken.
Reply
Reply
M
Me0wt
01-12-2025, 09:04 AM #5

It's possible the IP address might shift. Spoofing a MAC address is technically feasible, though it seems uncommon on devices that remain unjailbroken.

Reply
Reply
X
XX_ItzHaley_XX
Junior Member
Find
18
01-20-2025, 05:40 AM
#6
Moreover, it’s surprisingly simple to obtain a MAC address by checking the DHCP list. From my perspective, there’s no compelling reason against MAC filtering. If someone is extremely cautious, they could restrict access to only devices within that home. Then consider adding whitelists for specific services and websites tied to each MAC address based on their purpose and user identity.
Reply
Reply
X
XX_ItzHaley_XX
01-20-2025, 05:40 AM #6

Moreover, it’s surprisingly simple to obtain a MAC address by checking the DHCP list. From my perspective, there’s no compelling reason against MAC filtering. If someone is extremely cautious, they could restrict access to only devices within that home. Then consider adding whitelists for specific services and websites tied to each MAC address based on their purpose and user identity.

Reply
Reply
J
Jayden32805
Member
Find
212
01-20-2025, 01:34 PM
#7
Alternatively, you can assign all gadgets a fixed IP in DHCP and instruct the server to refuse new addresses to unrecognized machines. The advantage is simpler control over internet access via IP. If someone truly seeks to circumvent restrictions, there will always be a method. Duplicate a MAC or IP from a legitimate device. There’s no need to tackle things manually when pfSense makes it straightforward to manage firewall rules.
Reply
Reply
J
Jayden32805
01-20-2025, 01:34 PM #7

Alternatively, you can assign all gadgets a fixed IP in DHCP and instruct the server to refuse new addresses to unrecognized machines. The advantage is simpler control over internet access via IP. If someone truly seeks to circumvent restrictions, there will always be a method. Duplicate a MAC or IP from a legitimate device. There’s no need to tackle things manually when pfSense makes it straightforward to manage firewall rules.

Reply
Reply