Steve, I had to add some FLOATING RULES to block outgoing traffic from pfSense itself to Internet....in this way, traffic was blocked.
Regards!!! 2017-11-15 13:01 GMT-03:00 Roberto Carna <robertocarn...@gmail.com>: > OK Lorenz, now I understand....!!! > > Thanks a lot, > > ROBERT > > 2017-11-15 12:49 GMT-03:00 Lorenz Schori <l...@znerol.ch>: >> Hi, >> >> On Wed, 15 Nov 2017 12:44:51 -0300 >> Roberto Carna <robertocarn...@gmail.com> wrote: >> >>> Oliver, I ask about the opposite that you explain to me: >>> >>> Everthing going out from WAN to Internet is allowed ??? >>> >>> In accordance with my tests, yes...and if I add an explicit rule it >>> doesn't block a given outgoing traffic. >>> >>> In the affirmative case, how can I disable the default OUTGOING pass >>> rules in WAN interface ??? >> >> Rules on interfaces are filtering inbound traffic, see: >> https://doc.pfsense.org/index.php/Firewall_Rule_Basics >> >> Normally thats enough. If you like to deny certain/all outbound traffic >> you simply add those rules to the LAN interface. >> >> If that is not enough, then you need to use floating rules. Those allow >> you to specify the direction (inbound vs outbound). >> https://doc.pfsense.org/index.php/What_are_Floating_Rules >> >> Cheers, >> Lo >> _______________________________________________ >> pfSense mailing list >> https://lists.pfsense.org/mailman/listinfo/list >> Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
