Blocking from 93.174.93.46 to WAN address blocks traffic to the pfSense. It sounds like you are using NAT for the port 25 forwarding. You should end up with a rule allowing traffic from any to 10.20.1.1 on port 25. You must therefore block from 93.174.93.46 to 10.20.1.1. That rule should be above the rule allowing from any to 10.20.1.1 on port 25.
-- Steve Yates ITS, Inc. -----Original Message----- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Yoel Jimenez del Valle Sent: Wednesday, November 30, 2016 9:50 AM To: list@lists.pfsense.org Subject: [pfSense] rules for blocking some ip from internet not working I have pfsense 2.3.2_p1 i have a rule to allow all connection to port 25 for smtp is the last rule in wan rules 1.2.3.4 allow any to 2.2.2.2:25 map to 10.20.1.1:25 its working ok I had other rules to block some ip but any of the are working Block source:93.174.93.46 destination wanaddress or thisfirewall but still can access port 25 There is any way pfsense can block those connections skipping the preference of allow to port 25 _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold