I've been using 2.0 for sometime now and I'm very happy with this Firewall!
I do have some questions that I'm hoping that you guys can help me with.1)
I am not running any dns server in my network because I find this somewhat overkill for a home network. Pfsense is used as a DHCP server and the dns is also set to the gateway pfsense ip.
I believe pfsense automaticaly uses the WAN dns setting from my Cable modem as the primary DNS.
This works perfectly for browsing the net and connecting to other windows machine by hostname. Somehow windows machines can find each other by hostname/dns, but my other non windows machines
fail to work with hostnames. For example my apache2 webserver on ubuntu cannot be reached by http://webserver01
. The work around I have right now is manualy editing my host file on this pc.. but
this is obviously not a very neat solution. Can you guys tell me if it is possible to configure pfsense to use a select list of ip / hostnames (hosts file?) and if not found --> reroute to the dns of my modem?
My goal would be to be able to reach all my servers/clients by hostname without editing host files on the machines etc. I could live with the fact that I have to manualy edit a host file on the pfsense
machine so I wouldn't have to install/configure a dns server on the pfsense. But adding other ip's and hostnames to the pfsense hosts file does not seem to work (even after a ipconfig flush on the clients).
Anyboy have any idea's on how I could set this up or get this working without setting u a complete dns package/server?2)
Is it possible to add a mac address source entry for a firewall rule? To make sure only my laptop and iphone can reach my IP-Cam? Right now I have it set to a specific port : myexternalip:portnumber which makes it harder to find this web-based ip-cam but I still find it somewhat scary that people can logon to it if they do a portscan of guess the portnumber
. I would rather block it entirerly, but I would still like to be able to use my Iphone and view the camera when not at home. Would it be possible to set up macaddress rule to allow only traffic from that device?