Difficulty Applying Firewall Rules for Network alias for my custom app filter

[vivekmauli14]

Hi Guys,

I’ve developed an application filter that utilizes ntop's network analytics to dynamically populate IPs based on the network interface, then assign these IPs to the corresponding pfTable. In my firewall rules, I block the alias at the destination while using the intended interface from ntop as the source. While the solution works, it’s slower than expected, and I’m still optimizing the rule for faster performance. Any suggestions to improve the speed of blocking the application access more promptly would be appreciated.

The issue arises when I try to apply the rule to a specific network alias, such as restricting access for a particular subnet. I’m unable to create a rule that restricts only that specific network alias while maintaining the application filtering logic. I would appreciate any guidance on how to achieve this functionality or optimize my current approach.

Thanks in advance,
VivekSP