Difference between revisions of "PfSense"

From wiki.bastelbude.grade.de
Jump to: navigation, search
(squid)
(config)
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
=== about ===
 
=== about ===
 
building an open-source firewall-router
 
building an open-source firewall-router
 +
* https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/Kompendium_Einzel_PDFs_2021/09_NET_Netze_und_Kommunikation/NET_3_2_Firewall_Edition_2021.html
 +
* https://de.wikipedia.org/wiki/PfSense
 +
* https://de.wikipedia.org/wiki/OPNsense
 +
* https://www.admin-magazin.de/Das-Heft/2016/12/Freie-Firewall-OPNSense
 +
 
==== whishlist ====
 
==== whishlist ====
 +
DSL is extremly slow, improve performance
 
* WAN load-balancing DSL <> LTE
 
* WAN load-balancing DSL <> LTE
* proxy
+
* cache Windows updates (squid)
* malware protection
+
* filter
* isolated public wifi hotspot
+
** malware
 +
** ads
 +
* isolated public wifi hotspot (VLan)
 +
* isolated CCTV servers (VLan)
 +
** allow outside > in (routing)
 
* ...
 
* ...
  
Line 25: Line 35:
  
 
==== config ====
 
==== config ====
* set LAN Interface 192.168.1.4
+
* set LAN Interface 192.168.1.6
 
* IPv4 Upstream gateway 192.168.1.1
 
* IPv4 Upstream gateway 192.168.1.1
 
* System > General Setup > DNS Servers 8.8.8.8
 
* System > General Setup > DNS Servers 8.8.8.8
Line 36: Line 46:
 
==== squid ====
 
==== squid ====
 
* https://www.taste-of-it.de/pfsense-squid-als-transparenter-proxy-mit-antivirus-funktion-fuer-http/ (http)
 
* https://www.taste-of-it.de/pfsense-squid-als-transparenter-proxy-mit-antivirus-funktion-fuer-http/ (http)
* ?geeignete Refresh Patterns?
+
** Local Cache > Dynamic and Update Content > ?geeignete Refresh Patterns?
 
* https://turbofuture.com/internet/Intercepting-HTTPS-Traffic-Using-the-Squid-Proxy-in-pfSense (https)
 
* https://turbofuture.com/internet/Intercepting-HTTPS-Traffic-Using-the-Squid-Proxy-in-pfSense (https)
 +
** ?klappt nicht?
  
 
[[category:Projekte]]
 
[[category:Projekte]]

Latest revision as of 17:43, 9 February 2021

about

building an open-source firewall-router

whishlist

DSL is extremly slow, improve performance

  • WAN load-balancing DSL <> LTE
  • cache Windows updates (squid)
  • filter
    • malware
    • ads
  • isolated public wifi hotspot (VLan)
  • isolated CCTV servers (VLan)
    • allow outside > in (routing)
  • ...

hardware

installation

prerequisite

config

  • set LAN Interface 192.168.1.6
  • IPv4 Upstream gateway 192.168.1.1
  • System > General Setup > DNS Servers 8.8.8.8

configuration

pfBlockerNG

squid