Try using "Source: * (any)" instead of "Source: WLAN Net". It will only apply to WLAN traffic anyway because of which interface it applies to.
It would be helpful for you to send the screenshot again WITH the left-most column - the icons OUTSIDE the table. Make sure your rules are actually "block" rules (red icons) and that they are enabled. I'm sorry if this sounds like a stupid question but did you make sure your IP address is not the one that is allowed through in the first rules? Moshe ------------------------------ Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 2012/1/25 Jürgen Echter <j.ech...@echter-kuechen-elektro.de> > Am 24.01.2012 12:58, schrieb Matthias May: > > Jürgen Echter wrote: >> >>> Hi, >>> >>> maybe i'm doing something wrong. >>> >>> i have 3 interfaces, one for wan, one for lan and one for wlan. >>> >>> i don't want that wlan users have access to my lan. >>> >>> so i tell the firewall rule on the LAN interface to block everything >>> from WLAN subnet, but i'm still able to receive different webpages hosted >>> on the LAN. >>> >>> also i tried to tell the WLAN interface to block everything what has my >>> LAN as destination, same effect. >>> >>> what's wrong? >>> >>> greets >>> >>> juergen >>> ______________________________**_________________ >>> List mailing list >>> List@lists.pfsense.org >>> http://lists.pfsense.org/**mailman/listinfo/list<http://lists.pfsense.org/mailman/listinfo/list> >>> >>> >> Firwall rules go to the interface on which traffic is received. >> So if you want to block traffic from the WLAN interface to the LAN >> interface, then the rule has to go to the WLAN interface. >> Rules are processes from top to bottom and if a rule catches the rest >> below is no longer considered. >> Meaning if you have an allow rule above your block rule, the allow rule >> will always catch. >> Put your block rules all the way to the top. >> >> If that doesn't help, send a screenshot of your rules. (Overview, not the >> configuration of the rule itself). >> >> Greetings >> Matthias May >> ______________________________**_________________ >> List mailing list >> List@lists.pfsense.org >> http://lists.pfsense.org/**mailman/listinfo/list<http://lists.pfsense.org/mailman/listinfo/list> >> > > ok, here's a screenshot from my rules. > > i want to block / reject access from wlan to lan. > > if i try from a box in the wlan to access a webpage from lan it just > works. thats what i don't want :) > > greets. > > _______________________________________________ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list > >
_______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
