Also keep in mind that pf evaluates the state table before any rules, and if there's a remaining state for the IP address it will still have access even if you add a block rule. You need to kill any remaining states for that IP after adding the rule, and I'm not sure if pf does this automagically.
Toss up your ruleset and NAT tables on a pastebin and I'll have a look at them. I'm assuming the malicious IP is external. Seems like a silly question, but you'd be surprised.

On Sat, Sep 26, 2009 at 6:07 PM, Chris Buechler <[email protected]> wrote:

> On Sat, Sep 26, 2009 at 11:04 PM, Chris Flugstad <[email protected]> wrote:
> > I have public IPs on my LAN and outbound NAT off. I have an IP address that
> > is somewhat malicious and needed to block traffic to and from it.
> > I tried making fw rules but that didn't work
> >
> > any ideas?
> >
>
> That's all you need to do. Make sure they're in the right order, first
> match wins.
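The state cleanup raised in the reply above, as an added example that is not part of the original thread: it filters `pfctl -ss` style output for states that still involve a blocked address and defines the `pfctl -k` calls that clear them. The address, the sample state lines and the function names are constructed for illustration, and the matching handles IPv4 only.

```shell
#!/bin/sh
# Added example, not from the original thread. All names and data are
# hypothetical; BAD_IP is a documentation address (TEST-NET-3).
BAD_IP="203.0.113.5"

# Read state entries in `pfctl -ss` format on stdin and print those where
# address $1 appears as an endpoint. The comparison is exact per address,
# so 203.0.113.5 does not match 203.0.113.50.
states_for_ip() {
    awk -v ip="$1" '{
        for (i = 1; i <= NF; i++) {
            a = $i
            gsub(/[()]/, "", a)      # translated addresses are shown in parentheses
            sub(/:[0-9]+$/, "", a)   # drop the port (IPv4 only)
            if (a == ip) { print; next }
        }
    }'
}

# Count the states on stdin that still involve address $1.
remaining() {
    states_for_ip "$1" | wc -l | tr -d ' '
}

# Constructed sample of state table output (not captured from a real firewall).
sample_states() {
cat <<'EOF'
all tcp 198.51.100.10:22 <- 203.0.113.5:40112       ESTABLISHED:ESTABLISHED
all tcp 198.51.100.10:51544 -> 203.0.113.5:80       ESTABLISHED:ESTABLISHED
all tcp 198.51.100.10:443 <- 203.0.113.50:39001       ESTABLISHED:ESTABLISHED
all udp 198.51.100.20:53 <- 192.0.2.77:5353       SINGLE:MULTIPLE
EOF
}

# Clear states in both directions for address $1. Run on the firewall as
# root, after the block rule has been loaded. Not called by this script.
kill_states() {
    pfctl -k "$1"                 # states originating from the address
    pfctl -k 0.0.0.0/0 -k "$1"    # states from any source to the address
}

# Demo on the constructed sample: list what a block rule alone leaves open.
sample_states | states_for_ip "$BAD_IP"
```

On a live firewall, pipe `pfctl -ss` into `remaining` before and after `kill_states` to confirm the count drops to 0.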
