On 4/27/2010 6:37 PM, Chris Flugstad wrote:
> I block an ip in the fw rules on lan and wan, and then reset states, but
> traffic is still being passed to and from that ip
>
> did i miss something?
These problems boil down to one of a few issues:
1. IP has an existing state. Clearing states or rebooting would fix.
2. Rule is below other rules that matches the traffic, and is thus
ignored. First match wins.
3. Rule is on the wrong interface. Rules go on the interface where
pfSense first sees the traffic ("in" direction, from the firewall's
POV). Blocking traffic coming from a LAN client? Rule goes on LAN.
Blocking traffic coming from an Internet host? Rule goes on WAN.
4. The rule does not actually match the traffic. Be more general than
specific. Especially make sure the protocol and IP match.
Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
