On 4/27/2010 6:37 PM, Chris Flugstad wrote: > I block an ip in the fw rules on lan and wan, and then reset states, but > traffic is still being passed to and from that ip > > did i miss something?
These problems boil down to one of a few issues: 1. IP has an existing state. Clearing states or rebooting would fix. 2. Rule is below other rules that matches the traffic, and is thus ignored. First match wins. 3. Rule is on the wrong interface. Rules go on the interface where pfSense first sees the traffic ("in" direction, from the firewall's POV). Blocking traffic coming from a LAN client? Rule goes on LAN. Blocking traffic coming from an Internet host? Rule goes on WAN. 4. The rule does not actually match the traffic. Be more general than specific. Especially make sure the protocol and IP match. Jim --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org