Remember that rules are processed in order. Given that fact, here's one way
to do what you want.

First, put in any rules that ALLOW specific traffic from LAN to OPT2.
Then, put in a rule to DENY ALL TRAFFIC from LAN to OPT2.
Finally, put the rule to ALLOW ALL TRAFFIC from LAN to ANYWHERE.

This is exactly what we have done for our guest WiFi network to allow users
on the WiFi to access the Internet and all of the public services that run
on our internal network.

Moshe

--
Moshe Katz
-- mo...@ymkatz.net
-- +1(301)867-3732

On Thu, Dec 8, 2016 at 11:51 AM, Luc Paulin <paulins...@gmail.com> wrote:

> Hi Everyone,
> I am currently looking at migrating rules from our iptables/fwbuilder system
> to pfSense.  But now I am facing an issue.
>
> I need to grant internet access from LAN to WAN, so I created a rule PASS
> ANY on the LAN interface.  However, this causes an issue because I want to
> have specific allowance rules from LAN to OPT2. It looks like the preceding
> rule will also grant access from LAN to OPT2, as well as to other interfaces.
>
> I am sure that this can be restricted, but I can't find an example in the doc
> pages on the website.
>
> Thanks again for all your help
>
>
> --
>                          !!!!!
>                        ( o o )
>  --------------oOO----(_)----OOo--------------
>    Luc Paulin
>    email: paulinster(at)gmail.com
>    Skype: paulinster
> _______________________________________________
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>
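Added example (not part of the original thread): a small Python model of first-match rule evaluation on the LAN interface, showing the ordering from the reply above and how a leading pass-any rule shadows the OPT2 rules. The subnets, host address and port are constructed for illustration, and the unmatched-traffic default of block is a modelling assumption.

```python
import ipaddress

# Constructed addressing (assumption, not taken from the thread).
LAN = ipaddress.ip_network("192.168.1.0/24")
OPT2 = ipaddress.ip_network("10.20.0.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")

# Rule = (action, source net, destination net, destination port or None for any).
ALLOW_OPT2_HTTPS = ("pass", LAN, ipaddress.ip_network("10.20.0.10/32"), 443)
BLOCK_OPT2 = ("block", LAN, OPT2, None)
PASS_ANY = ("pass", LAN, ANY, None)

# Order from the reply: specific allows, then deny LAN -> OPT2, then allow all.
RECOMMENDED = [ALLOW_OPT2_HTTPS, BLOCK_OPT2, PASS_ANY]
# Order from the question: the pass-any rule sits above everything else.
PASS_ANY_FIRST = [PASS_ANY, ALLOW_OPT2_HTTPS, BLOCK_OPT2]


def evaluate(rules, src, dst, port):
    """Return (action, index) of the first matching rule; block if none match."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, (action, src_net, dst_net, dport) in enumerate(rules):
        if s in src_net and d in dst_net and dport in (None, port):
            return action, i
    return "block", None


def shadowed(rules):
    """Indexes of rules that can never match because an earlier rule covers them."""
    out = []
    for i, (_, s, d, p) in enumerate(rules):
        for _, es, ed, ep in rules[:i]:
            if s.subnet_of(es) and d.subnet_of(ed) and ep in (None, p):
                out.append(i)
                break
    return out


if __name__ == "__main__":
    for name, rules in (("recommended", RECOMMENDED), ("pass-any first", PASS_ANY_FIRST)):
        print(name, "shadowed rule indexes:", shadowed(rules))
        for dst, port in (("10.20.0.10", 443), ("10.20.0.99", 22), ("203.0.113.7", 80)):
            print("  192.168.1.50 ->", dst, port, evaluate(rules, "192.168.1.50", dst, port))
```

Running `shadowed()` over an exported rule list is a quick audit for rules that were added below a broader rule and therefore never take effect.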