So in other words, add an alias that contains something like 192.168.99.100/32 192.168.99.101/32 ... 192.168.99.127/32 192.168.99.128/26 (this should handle 128-->191) 192.168.99.192/32 192.168.99.193/32 .. 192.168.99.199/32
(or some variant of this if I get fancier with the subnet mask) Am I understanding correctly? Dimitri Rodis Integrita Systems LLC -----Original Message----- From: Bill Marquette [mailto:[EMAIL PROTECTED] Sent: Thursday, November 29, 2007 3:14 PM To: [email protected] Subject: Re: [pfSense Support] Rule Question Yes. You'll need to create a subnet alias - say "dynamicip" and populate it with the addresses (you can use cidr blocks here to reduce the number of entries you need in the alias) that are dynamic, then create a rule that uses the alias as the source address. --Bill On Nov 29, 2007 4:53 PM, Dimitri Rodis <[EMAIL PROTECTED]> wrote: > > > > > In pfSense, is there a way to have a rule affect only those people in a > certain range of IP addresses (as in, a range that you can't use a subnet > mask to match)? > > > > For example, a typical setup of ours is to have an internal subnet of say, > 192.168.99.0/24. The DHCP Range that we usually use (DHCP server isn't > running on pfSense) is 192.168.99.100 thru 192.168.99.199. What I would like > to do is block outbound SMTP on only the machines that have a dynamically > assigned address. Is it possible to create a single rule in pfSense to > accomplish this? > > > > Thanks-- > > > > Dimitri Rodis > > Integrita Systems LLC --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
