Alias Configuration

Alias Settings

When editing an Alias entry, the following settings are available:

Name:

A Name for the alias. The name may only consist of the characters a-z, A-Z, 0-9 and _.

Note

The name of an alias cannot conflict with reserved names for items such as interface names, gateway names, or internal PF keywords. Input validation will reject conflicting names.

Description:

A Description for the alias.

Type:

The Type for the alias, which alters the behavior of the alias and tells the firewall which types of entries can be added to the alias.

The following types are available:

Host:

Host Aliases contain single IP addresses or FQDN hostnames.

Network:

Network Aliases contain CIDR-masked lists of networks, FQDN hostnames, IP address ranges, or single IP addresses.

Port:

Port Aliases contain lists of port numbers or ranges of ports for TCP or UDP.

URL (IP or Port):

URL Aliases contain items the firewall fetches from the specified URL(s) at the time the alias is created. Once created, the alias becomes a typical network or port type alias.

URL Table (IP or Port):

URL Table Aliases contain items the firewall fetches from the specified URL(s), but it periodically updates the content.

Entries:

The lower section of the alias page contains the entries for the alias. The behavior of this section varies based on the selected alias type.

Creating an Alias

To create a new alias:

  • Navigate to Firewall > Aliases

  • Click fa-plus Add

  • Enter settings as described in Alias Settings

  • Enter the type-specific information for each member entry

    All alias types have a data field and a description field for each entry.

To add new entry to an alias, click fa-plus Add at the bottom of the list of entries.

To remove entries from an alias, click fa-trash-can Delete at the end of the row to remove.

When the alias is complete, click Save to store the alias contents.

Each manually-created alias is limited to 5,000 members. Aliases which require larger amounts of entries should use URL Table Aliases instead.

Warning

Some browsers have trouble displaying or using the alias editing view with more than around 3,000 entries.

Bulk Import Network Aliases

The GUI supports adding multiple entries for Host, Network, and Port type aliases in bulk using the import feature. This can be useful when importing long existing lists of addresses, such as for block lists or corporate networks.

To use the import feature:

  • Navigate to Firewall > Aliases

  • Navigate to the appropriate tab to match the desired alias type

    Use the IP tab for Host or Network aliases, use the Port tab for Port aliases.

  • Click fa-upload Import

  • Fill in the Alias Name and Description

  • Enter the alias contents into the Aliases to import text area

    Each entry must be on a separate line.

    Importing from the IP tab allows entries containing IP addresses, CIDR masked networks, IP address ranges, or FQDNs.

    Importing from the Port tab allows entries containing port numbers and port ranges.

    The import process takes any text following a valid entry as the description for that entry.

  • Click Save

The firewall imports the content into a normal alias which can be edited later.