oh... try blocking on the WAN int based on the source IP. so... block
in on $ext_if ip from {badguy} to any.
On Sat, Sep 26, 2009 at 6:12 PM, Chris Flugstad <ch...@cascadelink.com>wrote:
> Chris Buechler wrote:
>
>> On Sat, Sep 26, 2009 at 11:04 PM, Chris Flugstad <ch...@cascadelink.com>
>> wrote:
>>
>>
>>> I have public IP's on my LAN and outbound NAT off. I have a ip address
>>> that
>>> is somewhat malicious and needed to block traffic to and from it.
>>> i tried making fw rules but that didnt work
>>>
>>> any ideas?
>>>
>>>
>>>
>>
>> That's all you need to do. Make sure they're in the right order, first
>> match wins.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
>> For additional commands, e-mail: support-h...@pfsense.com
>>
>> Commercial support available - https://portal.pfsense.org
>>
>>
>>
> I tried on WAN int with the destination of the LAN IP that is maliscious.
> no dice. its still getting traffic through. tried on LAN int with
> blocking single host (lan ip of mal ip) as the destination
>
> ill just try EVERY option ;) untill it works
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>
