Yes rules reas top to bottom. Please attach a copy of your rule as it is displayed in on the Lan fw tab. this will help in finding the problem with the rule.
-Ron On Tue, Jul 1, 2008 at 2:20 PM, Atkins, Dwane P <[EMAIL PROTECTED]> wrote: > Ron, > > Thanks for the quick answer. > > I have a LAN rule that I assumed stated deny tcp any Lan Interface eq > ssh. > > If the DHCP address and the lan gateway are in the same subnet, it > doesn't appear to work. > > Another question about Firewall Rules are do they read for top to > bottom? I have put these denies above the permit ip any any statement > in the Lan rules. > > Am I doing something wrong? > > Dwane > > -----Original Message----- > From: Ron Blanchett [mailto:[EMAIL PROTECTED] > Sent: Tuesday, July 01, 2008 1:17 PM > To: [email protected] > Subject: Re: [pfSense Support] Disable SSH to the private side interface > > Just add a reject or drop rule on the lan interface > Specify a source range and make the destination address your lan > interface address and the port 22. > > Simple as that. > > -Ron > > > On Tue, Jul 1, 2008 at 2:07 PM, Atkins, Dwane P <[EMAIL PROTECTED]> > wrote: >> Is there a way that I can disable SSH from my private side address to > the >> default gateway or in this case, the LAN address? Can I do it via a > Linux >> command? >> >> >> >> In other words, if my LAN interface is 10.6.5.8 and my DHCP (private > side) >> addresses are 10.6.5.10 - .100. I want to ensure that those addresses > cannot >> SSH into the private side address. >> >> >> >> Thank you >> >> >> >> Dwane Atkins >> >> 210-567-0158 >> >> [EMAIL PROTECTED] >> >> > > > > -- > Ronald Reagan - "Recession is when a neighbour loses his job. > Depression is when you lose yours." > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Steven Wright - "A lot of people are afraid of heights. Not me, I'm afraid of widths." --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
