pfSense – P5 pfSense Firewall Rule Configuration for Beginners

Understanding pfSense Firewall Rule configuration is one of the most important skills when managing a firewall. If rules are created incorrectly, traffic may be blocked unintentionally — or worse, security gaps may be introduced.

In this beginner-friendly guide, you will learn:

1. How pfSense processes firewall rules

2. How to block and allow internet access

3. How to block specific websites

4. How to use Alias (IP, Port, URL)

5. How to apply schedules to rules

This tutorial focuses on practical, real-world firewall configuration scenarios.

🔹 1. Overview

Firewall rules in pfSense are processed from top to bottom.

Example:

Rule 1
Rule 2
Rule 3

👉 Match the rule first → stop there.

As soon as traffic matches a rule, pfSense stops evaluating further rules.

📌 Important Concept

Firewall rules are processed at the interface where traffic enters.

Example:

LAN → Internet

Rules must be set at LAN, not WAN.

This is a critical concept. If traffic originates from LAN and goes to the internet, you configure rules on the LAN interface.

Understanding this behavior is essential when working with pfSense Firewall Rule logic.

🔹 2. Demo

Let’s go through practical demonstrations.

🔹 2.1. Block LAN from the Internet

To simulate blocking internet access:

• Disable default rule
• Test for network loss

Once the default allow rule is disabled, LAN clients will lose internet connectivity.

This demonstrates how rule order and rule existence directly affect traffic flow.

🔹 2.2. Allow LAN to Access the Internet Again

Create rule:

• Interface: LAN
• Source: LAN net
• Destination: any
• Action: Pass

This restores internet access for LAN clients.

After applying the rule:

• Traffic from LAN net to any destination is allowed

• Internet connectivity resumes

This is the fundamental allow rule in most basic pfSense Firewall Rule configurations.

🔹 2.3. Block Website

Example: Block IP or alias.

Note: pfSense will resolve DNS → to IP → then block that IP.

This means:

• When you specify a domain, pfSense converts it into its IP address

• The firewall then blocks the resolved IP

🚨 Practical Issues

Blocking websites by IP may not always be reliable.

1️⃣ Websites with multiple IP addresses
2️⃣ Websites using CDNs
3️⃣ IP addresses that change constantly

=> Blocking domains this way may not be 100% effective when blocking websites.

For large platforms with distributed infrastructure (YouTube, Facebook, etc.), firewall rules based purely on IP are often ineffective.

🔹 2.4. Alias IP (Host/Network)

Aliases allow grouping multiple IP addresses or networks into a single object.

Demo:

Group lv1: Allow Full Internet
Group lv2: Block website
Group lv3: Block Internet

Using Alias simplifies rule management and improves readability.

Instead of creating multiple rules for different IPs, you group them and reference the alias in a single pfSense Firewall Rule.

🔹 2.5. Alias Port

Create aliases for the Email server port (192.168.16.172):

995
443
25
465
587
993

This allows you to:

• Group multiple service ports

• Apply a single rule referencing the port alias

• Simplify firewall rule structure

Port alias is especially useful when managing mail servers or multi-service hosts.

🔹 2.6. Alias URL (IPs)

URL (IPs)

Used for pfSense to download a file containing a list of IP addresses.

Example:

That file must contain:

157.240.0.1
157.240.0.2
31.13.72.0/24

👉 pfSense will convert it into an IP list for the firewall to use.

This method is commonly used for:

• External blocklists

• Threat intelligence feeds

• Dynamic filtering

It automates IP list updates without manual configuration.

🔹 2.7. Schedule

You can create schedules based on:

• Months

• Days

• Hours

Schedules allow you to apply firewall rules only during specific time periods.

Examples:

• Block social media during work hours

• Restrict internet at night

• Allow temporary access during maintenance windows

Combining schedule with pfSense Firewall Rule gives you powerful time-based access control.

🔎 Why Understanding pfSense Firewall Rule Is Critical

Proper firewall rule configuration ensures:

• Secure network segmentation

• Controlled internet access

• Clean and organized rule structure

• Reduced administrative complexity

Misplaced or misordered rules can:

• Break connectivity

• Override intended policies

• Introduce security risks

Always review rule order carefully.

🚀 Best Practices

When working with pfSense Firewall Rule:

• Place specific rules above general rules

• Use aliases for clarity

• Avoid unnecessary duplicate rules

• Document rule purposes

• Test after every major change

Clear structure leads to easier troubleshooting and better long-term management.

🏁 Conclusion

Mastering pfSense Firewall Rule configuration is essential for both beginners and professionals.

By understanding:

1. Rule processing order

2. Interface-based filtering

3. Blocking and allowing traffic

4. Alias usage (IP, Port, URL)

5. Schedule-based control

You gain full control over network traffic management.

This completes Part 5 of the pfSense series and prepares you for more advanced topics such as NAT rules, port forwarding, VPN policies, and traffic shaping.