What are Aliases?
From the pfSense WebGUI: Aliases act as placeholders for real hosts, networks or ports. They can be used to minimize the number of changes that have to be made if a host, network or port changes. The name of an alias can be entered instead of the IP address, network or port in all fields that have a red background. The alias will be resolved according to the list [on the Aliases page of the WebGUI]. If an alias cannot be resolved (e.g. because it has been deleted), the corresponding element (e.g. filter/NAT/shaper rule) will be considered invalid and skipped.
Why would I want to use Aliases?
The best example is for blocking a list of hosts considered “bad”. If a rule were added for each host to block individually, the rules list would grow quite large. By adding all of these hosts to an alias, only one firewall rule is necessary.
Say there are three web servers in a DMZ, and HTTP, HTTPS, and FTP traffic should be allowed to these servers. It can be accomplished with a single firewall rule and two aliases.
- Create an alias called WebServers and add to it the IPs of the three web servers.
- Create an alias called WebServerPorts and add to it ports 21, 80, and 443.
- Create a firewall rule and for the destination, choose Single Host or Alias, then click in the field and type WebServers. It will autocomplete, and then click to select it. For the destination port, click in the box and type WebServerPorts.
- Click Save
Now there is a single firewall rule that would have otherwise taken 9 separate rules to accomplish!
Aliases and Hostnames
For Host and Network type aliases, a fully qualified domain name (FQDN) may be entered instead of an IP address. The FQDN will be resolved by DNS every 5 minutes (300 seconds) and updated internally. This can be useful for tracking dynamic DNS entries to identify sites or users that are unable to use a static IP.
The interval at which the resolution takes place may be adjusted under System > Advanced on the Firewall / NAT tab. Enter a new value in the Aliases Hostnames Resolve Interval field. Bear in mind that a lower interval will put a higher burden on the DNS server(s). With many hosts to resolve, the default is best. With only a few hosts, a lower value may be used such as 30 seconds.
URL Table Aliases
A URL table alias is a URL that points to a plain text file containing IP and/or CIDR masked network addresses. The URL will be periodically downloaded and refreshed. The contents of the file would look like so:
192.0.2.0/24
172.22.59.49
192.168.0.128/26
Similar to a URL table in that the file format is the same. However, the content is only requested once and is immediately turned into a traditional alias.
On the main alias screen, click Import and the Bulk Import screen will be presented. A large text area on this page is used for IP address or CIDR entries. They may be entered/pasted here, one per line, to create a large alias quickly.
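A check to run on a one-entry-per-line IP/CIDR list before it is served as a URL table or pasted into Bulk Import, as an added example (not pfSense code, and not a description of how pfSense parses the file). The function name, the `min_prefix` policy threshold, the handling of blank lines and the sample list are assumptions of this example.

```python
import ipaddress

# Constructed sample: the three entries shown on the page plus deliberately bad lines.
SAMPLE = """\
192.0.2.0/24
172.22.59.49
192.168.0.128/26

192.168.0.129/26
0.0.0.0/0
bad.example.com
172.22.59.49
"""

def lint_alias_list(text, min_prefix=8):
    """Return (entries, problems) for a one-entry-per-line IP/CIDR list.

    min_prefix is a hypothetical policy knob: broader networks are refused.
    """
    entries, problems, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), start=1):
        item = raw.strip()
        if not item:
            continue  # assumption of this example: blank lines are ignored
        try:
            net = ipaddress.ip_network(item, strict=True)
        except ValueError:
            try:
                # Parses only if the sole fault was host bits set in the address.
                fixed = ipaddress.ip_network(item, strict=False)
                problems.append((lineno, item, f"host bits set, did you mean {fixed}?"))
            except ValueError:
                problems.append((lineno, item, "not an IP address or CIDR network"))
            continue
        if net.prefixlen < min_prefix:
            problems.append((lineno, item, f"broader than /{min_prefix}"))
        elif net in seen:
            problems.append((lineno, item, "duplicate entry"))
        else:
            seen.add(net)
            entries.append(str(net))
    return entries, problems

if __name__ == "__main__":
    ok, bad = lint_alias_list(SAMPLE)
    print("\n".join(ok))
    for lineno, item, reason in bad:
        print(f"line {lineno}: {item!r}: {reason}")
```

An over-broad entry such as `0.0.0.0/0` in a list used by a block rule would match all traffic, which is why the example refuses it instead of passing it through.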