Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
On Wed, Sep 22, 2010 at 5:30 PM, Chris Flugstad wrote:
> I did what I needed to do for the time being though. Much appreciated.

And that, ladies and gentlemen, is what we call poaching the solution ;)
If this list ran on a points system I would get a flogging now.

db

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
You are correct, the public IP is local on our LAN port. I did try that before, and have gone back to it I think when I thought I switched them, I just switched one and then switched it back. Didn't look like settings took place till I reset states. I waited for about 3 minutes, and didn't see a difference, so I reset the states and now that IP is not transmitting any outbound traffic but seems to still pull inbound traffic now. Wondering if some ARP poisoning is going on.

I did what I needed to do for the time being though. Much appreciated.

-chris

On 9/22/2010 4:18 PM, David Burgess wrote:
> On Wed, Sep 22, 2010 at 5:14 PM, Chris Flugstad wrote:
> > wan rules
> >        proto  source         port  dest           port  gw
> > block  *      216.127.61.72  *     *              *     *
> >
> > lan rules
> > block  *      *              *     216.127.61.72
>
> Although you weren't explicit, I got the impression that the host you
> are trying to block is local to you. If so, then you need to reverse
> your interfaces OR reverse the source/dest IP addresses.
>
> If on the other hand 216.127.61.72 is an internet host that you're
> trying to detach from your network, then your rules look good.
>
> db

Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
On Wed, Sep 22, 2010 at 5:14 PM, Chris Flugstad wrote:
> wan rules
>        proto  source         port  dest           port  gw
> block  *      216.127.61.72  *     *              *     *
>
> lan rules
> block  *      *              *     216.127.61.72

Although you weren't explicit, I got the impression that the host you are trying to block is local to you. If so, then you need to reverse your interfaces OR reverse the source/dest IP addresses.

If on the other hand 216.127.61.72 is an internet host that you're trying to detach from your network, then your rules look good.

db

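Added example, not part of any message in this thread: a simplified Python model of why the posted rules never match a host that sits behind LAN, and why a corrected ruleset still passes traffic until states are reset. It assumes rules on an interface tab are evaluated only for packets entering that interface, top to bottom with first match winning, and that an existing state bypasses the rule list; the peer addresses, the allow-all rule and the address-pair state key are constructed for illustration.

```python
from dataclasses import dataclass

HOST = "216.127.61.72"   # address from the thread; sits behind LAN
PEER = "198.51.100.10"   # constructed Internet peer the host talks to
PEER2 = "203.0.113.20"   # constructed Internet peer that connects inbound

@dataclass(frozen=True)
class Rule:
    action: str          # "block" or "pass"
    src: str = "*"
    dst: str = "*"

    def matches(self, src, dst):
        return self.src in ("*", src) and self.dst in ("*", dst)

class Firewall:
    def __init__(self, rules):
        self.rules = rules    # {"wan": [Rule, ...], "lan": [Rule, ...]}
        self.states = set()   # simplified state table keyed on the address pair

    def packet(self, iface, src, dst):
        """Verdict for a packet entering the firewall on iface."""
        if frozenset((src, dst)) in self.states:
            return "pass"                     # existing state: rules not consulted
        for rule in self.rules[iface]:        # top to bottom, first match wins
            if rule.matches(src, dst):
                if rule.action == "pass":
                    self.states.add(frozenset((src, dst)))
                return rule.action
        return "block"                        # nothing matched: default deny

    def reset_states(self):
        self.states.clear()

ALLOW_ALL = Rule("pass")  # assumed stand-in for the "default/any rules"
# Rules as posted: they only fit a host on the Internet side.
POSTED = {"wan": [Rule("block", src=HOST), ALLOW_ALL],
          "lan": [Rule("block", dst=HOST), ALLOW_ALL]}
# Source and destination reversed, for a host behind LAN.
REVERSED = {"wan": [Rule("block", dst=HOST), ALLOW_ALL],
            "lan": [Rule("block", src=HOST), ALLOW_ALL]}

def demo():
    fw = Firewall(POSTED)
    before = (fw.packet("lan", HOST, PEER), fw.packet("wan", PEER2, HOST))
    fw.rules = REVERSED                       # rule change alone...
    stale = fw.packet("lan", HOST, PEER)      # ...leaves the old state passing
    fw.reset_states()
    after = (fw.packet("lan", HOST, PEER), fw.packet("wan", PEER2, HOST))
    return before, stale, after
```

demo() returns the verdicts with the posted rules, with the reversed rules while the old state is still live, and with the reversed rules after a state reset.
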
Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
wan rules
       proto  source         port  dest           port  gw
block  *      216.127.61.72  *     *              *     *

lan rules
block  *      *              *     216.127.61.72  *     *

both are at the top above the default/any rules
both are set to block, not reject

-chris

On 9/22/2010 3:31 PM, Chris Buechler wrote:
> On Wed, Sep 22, 2010 at 6:28 PM, Chris Flugstad wrote:
> > ryan,
> >
> > I set up the rules as you stated, both options, and the traffic is still
> > going to and from this ip address :(
> >
> > Not sure what to do from here. Do I need to reboot the router?
>
> No. At worst, resetting states. If it's not blocking it after
> resetting states, you're still doing something wrong. What do your
> rules look like now?

Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
On Wed, Sep 22, 2010 at 6:28 PM, Chris Flugstad wrote:
> ryan,
>
> I set up the rules as you stated, both options, and the traffic is still
> going to and from this ip address :(
>
> Not sure what to do from here. Do I need to reboot the router?

No. At worst, resetting states. If it's not blocking it after resetting states, you're still doing something wrong. What do your rules look like now?

Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
ryan,

I set up the rules as you stated, both options, and the traffic is still going to and from this ip address :(

Not sure what to do from here. Do I need to reboot the router? I reset the states, but have not rebooted yet.

-chris

On 9/22/2010 2:59 PM, Ryan wrote:
> Are you trying to block an external IP from internal network or
> internal IP from external network?
>
> If IP to be blocked is external:
> on WAN put Action=Block, Protocol=Any, Source IP=(your IP to block), Destination IP=Any
> on LAN put Action=Block, Protocol=Any, Source IP=Any, Destination IP=(your IP to block)
>
> If IP to be blocked is internal:
> on LAN put Action=Block, Protocol=Any, Source IP=(your IP to block), Destination IP=Any
> on WAN put Action=Block, Protocol=Any, Source IP=Any, Destination IP=(your IP to block)
>
> Remember rules are processed in order top to bottom, so if allow all
> is on top, this will do nothing.
>
> Ryan Rodrigue
> Systems Technician
> A A R Electronics, Inc
> 510 West Tunnel Blvd, Houma LA 70360
> P.O. Box 4336, Houma, LA 70361
> Phone (985) 876-4096
> Phone (800) 649-7346
> Fax (985) 853-1034
> radiote...@aaremail.com
> www.aarelectronics.com
>
> > -Original Message-
> > From: Chris Flugstad [mailto:ch...@cascadelink.com]
> > Sent: Wednesday, September 22, 2010 4:44 PM
> > To: support@pfsense.com
> > Subject: Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
> >
> > So what rule(s) would I add to block all traffic to this ip.
> > I set up traffic shaping and set this ip to a 5k up/down but
> > it's still much higher than that.
> > -chris
> >
> > On 9/22/2010 2:39 PM, Chris Buechler wrote:
> > > On Wed, Sep 22, 2010 at 5:33 PM, Chris Flugstad wrote:
> > > > So I have public IPs, not NAT'd, on this box, 1.2.3, and I have
> > > > blocked an ip on both WAN AND LAN, any protocol, source and
> > > > destination, and traffic is still passing for this ip.
> > > >
> > > > any help?
> > >
> > > Traffic will never be sourced from and destined to the same IP.

RE: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
Are you trying to block an external IP from internal network or internal IP from external network?

If IP to be blocked is external:
on WAN put Action=Block, Protocol=Any, Source IP=(your IP to block), Destination IP=Any
on LAN put Action=Block, Protocol=Any, Source IP=Any, Destination IP=(your IP to block)

If IP to be blocked is internal:
on LAN put Action=Block, Protocol=Any, Source IP=(your IP to block), Destination IP=Any
on WAN put Action=Block, Protocol=Any, Source IP=Any, Destination IP=(your IP to block)

Remember rules are processed in order top to bottom, so if allow all is on top, this will do nothing.

Ryan Rodrigue
Systems Technician
A A R Electronics, Inc
510 West Tunnel Blvd, Houma LA 70360
P.O. Box 4336, Houma, LA 70361
Phone (985) 876-4096
Phone (800) 649-7346
Fax (985) 853-1034
radiote...@aaremail.com
www.aarelectronics.com

> -Original Message-
> From: Chris Flugstad [mailto:ch...@cascadelink.com]
> Sent: Wednesday, September 22, 2010 4:44 PM
> To: support@pfsense.com
> Subject: Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
>
> So what rule(s) would I add to block all traffic to this ip.
> I set up traffic shaping and set this ip to a 5k up/down but
> it's still much higher than that.
> -chris
>
> On 9/22/2010 2:39 PM, Chris Buechler wrote:
> > On Wed, Sep 22, 2010 at 5:33 PM, Chris Flugstad wrote:
> >
> >> So I have public IPs, not NAT'd, on this box, 1.2.3, and I have
> >> blocked an ip on both WAN AND LAN, any protocol, source and
> >> destination, and traffic is still passing for this ip.
> >>
> >> any help?
> >>
> > Traffic will never be sourced from and destined to the same IP.

Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
So what rule(s) would I add to block all traffic to this ip. I set up traffic shaping and set this ip to a 5k up/down but it's still much higher than that.

-chris

On 9/22/2010 2:39 PM, Chris Buechler wrote:
> On Wed, Sep 22, 2010 at 5:33 PM, Chris Flugstad wrote:
> > So I have public IPs, not NAT'd, on this box, 1.2.3, and I have blocked
> > an ip on both WAN AND LAN, any protocol, source and destination, and
> > traffic is still passing for this ip.
> >
> > any help?
>
> Traffic will never be sourced from and destined to the same IP.

Re: [pfSense Support] BLOCK IP or ALIAS firewall rule not blocking traffic
On Wed, Sep 22, 2010 at 5:33 PM, Chris Flugstad wrote:
> So I have public IPs, not NAT'd, on this box, 1.2.3, and I have blocked
> an ip on both WAN AND LAN, any protocol, source and destination, and
> traffic is still passing for this ip.
>
> any help?

Traffic will never be sourced from and destined to the same IP.