0

I've restricted the source IP of many rules to some alias, say Trusted_Sources. Now, for some reason, I want to open all these rules to the world without manually modifying each individual rule.

How can I modify the Trusted_Sources alias to include all IP's? As a workaround, I defined a new alias containing 0.0.0.0-255.255.255.255 and added it to Trusted_Sources, and it did worked. But, I'm not sure about its efficiency.

I've used 0.0.0.0/0 in some other devices, but pfsense doesn't seem to support that.

Thanks.

user2798081
  • 41
  • 5

1 Answers1

0

The "efficiency", whatever that means in this context, would be the same.

The range 0.0.0.0-255.255.255.255 contains all (possible) adresses in the ipv4 adress space.

The network 0.0.0.0/0 contains all adresses within this network, which happens to be the whole ipv4 adress space, too.

pfsense, like some other routers, like to see it as CIDR notation (255.255.255.255/0) - just like the default route - but in the end this doesn't matter. The rule will be the same as it is parsed binary (internally), therefore there is virtually no difference.

bjoster
  • 4,423
  • 5
  • 22
  • 32