Re: [pfSense Support] Firewall not blocking ip after adding it to rules
no not using squid at all

i just created a rule on the lan, didn't work. then created a rule on the wan as well, still nothing. reset states. still nothing. packets are still being passed to that ip address.

any thoughts?

-chris

On 4/27/2010 3:40 PM, David Burgess wrote:
> Are you using squid as transparent? If so you have to override the GUI anti-lockout rule. Be sure to make alternate arrangements to get into the GUI, or you'll lock yourself out.
>
> db
>
> On 4/27/10, Chris Flugstad ch...@cascadelink.com wrote:
>> I block an ip in the fw rules on lan and wan, and then reset states, but traffic is still being passed to and from that ip
>>
>> did i miss something?
>>
>> -chris

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Firewall not blocking ip after adding it to rules
Is the firewall disabled? Check tick in System Advanced.

The destination ip address is on the same interface as the traffic comes from?

Regards

On Wed, Apr 28, 2010 at 10:41 AM, Chris Flugstad ch...@cascadelink.com wrote:
> no not using squid at all
>
> i just created a rule on the lan, didn't work. then created a rule on the wan as well, still nothing. reset states. still nothing. packets are still being passed to that ip address.
>
> any thoughts?
>
> -chris
>
> On 4/27/2010 3:40 PM, David Burgess wrote:
>> Are you using squid as transparent? If so you have to override the GUI anti-lockout rule. Be sure to make alternate arrangements to get into the GUI, or you'll lock yourself out.
>>
>> db
>>
>> On 4/27/10, Chris Flugstad ch...@cascadelink.com wrote:
>>> I block an ip in the fw rules on lan and wan, and then reset states, but traffic is still being passed to and from that ip
>>>
>>> did i miss something?
>>>
>>> -chris

-- 
dpc
Re: [pfSense Support] Firewall not blocking ip after adding it to rules
fw is not disabled. would it matter if i am using public ip's on the LAN side?

On 4/28/2010 1:45 AM, Danny wrote:
> Is the firewall disabled? Check tick in System Advanced.
>
> The destination ip address is on the same interface as the traffic comes from?
>
> Regards
>
> On Wed, Apr 28, 2010 at 10:41 AM, Chris Flugstad ch...@cascadelink.com wrote:
>> no not using squid at all
>>
>> i just created a rule on the lan, didn't work. then created a rule on the wan as well, still nothing. reset states. still nothing. packets are still being passed to that ip address.
>>
>> any thoughts?
>>
>> -chris
>>
>> On 4/27/2010 3:40 PM, David Burgess wrote:
>>> Are you using squid as transparent? If so you have to override the GUI anti-lockout rule. Be sure to make alternate arrangements to get into the GUI, or you'll lock yourself out.
>>>
>>> db
>>>
>>> On 4/27/10, Chris Flugstad ch...@cascadelink.com wrote:
>>>> I block an ip in the fw rules on lan and wan, and then reset states, but traffic is still being passed to and from that ip
>>>>
>>>> did i miss something?
>>>>
>>>> -chris
>
> -- 
> dpc
Re: [pfSense Support] Firewall not blocking ip after adding it to rules
Look below. I top posted by mistake. Sorry

On Wed, Apr 28, 2010 at 10:54 AM, Chris Flugstad ch...@cascadelink.com wrote:
> fw is not disabled. would it matter if i am using public ip's on the LAN side?
>
> On 4/28/2010 1:45 AM, Danny wrote:
>> Is the firewall disabled? Check tick in System Advanced.
>>
>> The destination ip address is on the same interface as the traffic comes from?
>>
>> Regards
>>
>> On Wed, Apr 28, 2010 at 10:41 AM, Chris Flugstad ch...@cascadelink.com wrote:
>>> no not using squid at all
>>>
>>> i just created a rule on the lan, didn't work. then created a rule on the wan as well, still nothing. reset states. still nothing. packets are still being passed to that ip address.
>>>
>>> any thoughts?
>>>
>>> -chris
>>>
>>> On 4/27/2010 3:40 PM, David Burgess wrote:
>>>> Are you using squid as transparent? If so you have to override the GUI anti-lockout rule. Be sure to make alternate arrangements to get into the GUI, or you'll lock yourself out.
>>>>
>>>> db
>>>>
>>>> On 4/27/10, Chris Flugstad ch...@cascadelink.com wrote:
>>>>> I block an ip in the fw rules on lan and wan, and then reset states, but traffic is still being passed to and from that ip
>>>>>
>>>>> did i miss something?
>>>>>
>>>>> -chris
>>
>> -- 
>> dpc

Can you send an example of the addressing you are using both LAN and WAN, a diagram, and screenshots of those you consider relevant? Source IP and destination of the traffic?

Regards

-- 
dpc
Re: [pfSense Support] Firewall not blocking ip after adding it to rules
On Wed, Apr 28, 2010 at 4:54 AM, Chris Flugstad ch...@cascadelink.com wrote:
> fw is not disabled. would it matter if i am using public ip's on the LAN side?

No. My guess is your rule order is wrong (first match wins).
Re: [pfSense Support] Firewall not blocking ip after adding it to rules
On Wed, 2010-04-28 at 08:39 -0700, Chris Flugstad wrote:
> both rules are at the top of the list.
>
> On 4/28/2010 5:39 AM, Chris Buechler wrote:
>> On Wed, Apr 28, 2010 at 4:54 AM, Chris Flugstad ch...@cascadelink.com wrote:
>>> fw is not disabled. would it matter if i am using public ip's on the LAN side?
>>
>> No. My guess is your rule order is wrong (first match wins).

Or the IP has a current state ...
Re: [pfSense Support] Firewall not blocking ip after adding it to rules
On Wed, Apr 28, 2010 at 6:06 PM, David Burgess apt@gmail.com wrote:
> On Tue, Apr 27, 2010 at 4:37 PM, Chris Flugstad ch...@cascadelink.com wrote:
>> I block an ip in the fw rules on lan and wan, and then reset states, but traffic is still being passed to and from that ip
>>
>> did i miss something?
>
> Your rules are probably wrong then. A common mistake is to enter a source port for the block rule on the WAN, for example.
>
> For best results, post a screen shot of your LAN rules.
>
> db

-- 
dpc

You have to think as if you were the firewall. Think that you are seated on the firewall, and think that the traffic is always incoming (incoming to you). Look which interface is receiving the traffic and you will find the solution.

Regards
Re: [pfSense Support] Firewall not blocking ip after adding it to rules
On 4/27/2010 6:37 PM, Chris Flugstad wrote:
> I block an ip in the fw rules on lan and wan, and then reset states, but traffic is still being passed to and from that ip
>
> did i miss something?

These problems boil down to one of a few issues:

1. IP has an existing state. Clearing states or rebooting would fix.
2. Rule is below other rules that match the traffic, and is thus ignored. First match wins.
3. Rule is on the wrong interface. Rules go on the interface where pfSense first sees the traffic (in direction, from the firewall's POV). Blocking traffic coming from a LAN client? Rule goes on LAN. Blocking traffic coming from an Internet host? Rule goes on WAN.
4. The rule does not actually match the traffic. Be more general than specific. Especially make sure the protocol and IP match.

Jim
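
An added example, not part of Jim's message and not pfSense code: a simplified Python model of first-match rule evaluation with a state table, run against the four causes listed above. The `Rule`, `Packet` and `evaluate` names and all addresses are constructed for illustration; real pf state matching also covers reply traffic, which this model leaves out.

```python
from collections import namedtuple
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Rule:                          # hypothetical model, not pf's rule syntax
    iface: str                       # interface the rule is attached to
    action: str                      # "pass" or "block"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    src_port: Optional[int] = None   # None means any source port

# iface is the interface where the firewall first sees the packet
Packet = namedtuple("Packet", "iface proto src sport dst dport")

def matches(r, p):
    return (r.iface == p.iface and r.proto in ("any", p.proto)
            and ip_address(p.src) in ip_network(r.src)
            and ip_address(p.dst) in ip_network(r.dst)
            and r.src_port in (None, p.sport))

def evaluate(p, rules, states):
    key = (p.proto, p.src, p.sport, p.dst, p.dport)
    if key in states:                # cause 1: state is checked before any rule
        return "pass", "existing state"
    for i, r in enumerate(rules):    # cause 2: first matching rule decides
        if matches(r, p):
            if r.action == "pass":
                states.add(key)
            return r.action, f"rule {i}"
    return "block", "default deny"

BLOCKED = "203.0.113.7"              # constructed address to be blocked
PKT = Packet("lan", "tcp", "192.0.2.10", 51000, BLOCKED, 80)  # constructed LAN client

def four_cases():
    blk = Rule("lan", "block", dst=BLOCKED)
    allow = Rule("lan", "pass")      # stand-in for an allow-LAN-to-any rule
    live = {(PKT.proto, PKT.src, PKT.sport, PKT.dst, PKT.dport)}
    return {
        "state": evaluate(PKT, [blk, allow], live),
        "order": evaluate(PKT, [allow, blk], set()),
        "iface": evaluate(PKT, [Rule("wan", "block", dst=BLOCKED), allow], set()),
        "match": evaluate(PKT, [Rule("lan", "block", dst=BLOCKED, src_port=80), allow], set()),
        "fixed": evaluate(PKT, [blk, allow], set()),
    }
```

Only the "fixed" case blocks the packet: the block rule is on the receiving interface, above the allow rule, with no source port and no surviving state.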
Re: [pfSense Support] Firewall not blocking ip after adding it to rules
Are you using squid as transparent? If so you have to override the GUI anti-lockout rule. Be sure to make alternate arrangements to get into the GUI, or you'll lock yourself out.

db

On 4/27/10, Chris Flugstad ch...@cascadelink.com wrote:
> I block an ip in the fw rules on lan and wan, and then reset states, but traffic is still being passed to and from that ip
>
> did i miss something?
>
> -chris

-- 
Sent from my mobile device