On Wed, Aug 5, 2009 at 6:53 PM, Keenan Tims<[email protected]> wrote: >> If a packet arrives from a networks via a static route all firewall >> rules are ignored. Everything passes. :-( >> If the Packets arrive via the default route it works as expected. > > Packets don't arrive 'from' a static route; the static routes only affect > outgoing traffic. Incoming packets will arrive on an interface and have a > source and destination (end machine) address that you can use to filter > them. As long as the rule is created on the *interface* the traffic arrives > on, and has the appropriate filters set, it should apply to any traffic > regardless of routing tables. Same goes for outgoing traffic destined to > other routers. >
That's correct. The only way traffic related to a static route wouldn't be filtered by the ruleset is if you have "bypass filtering for traffic on same interface" checked under System -> Advanced. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
