[pfSense] Block Rule doesn't work
Jürgen Echter
j.echter at echter-kuechen-elektro.de
Wed Jan 25 11:04:32 EST 2012
On 25.01.2012 16:26, Moshe Katz wrote:
> Try using "Source: * (any)" instead of "Source: WLAN Net". It will
> only apply to WLAN traffic anyway because of which interface it
> applies to.
>
> It would be helpful for you to send the screenshot again WITH the
> left-most column - the icons OUTSIDE the table. Make sure your rules
> are actually "block" rules (red icons) and that they are enabled.
>
> I'm sorry if this sounds like a stupid question but did you make sure
> your IP address is not the one that is allowed through in the first rules?
>
> Moshe
>
> ------------------------------
> Moshe Katz
> -- moshe at ymkatz.net
> -- +1(301)867-3732
>
> 2012/1/25 Jürgen Echter <j.echter at echter-kuechen-elektro.de>
>
> On 24.01.2012 12:58, Matthias May wrote:
>
> Jürgen Echter wrote:
>
> Hi,
>
> maybe i'm doing something wrong.
>
> i have 3 interfaces, one for wan, one for lan and one for
> wlan.
>
> i don't want that wlan users have access to my lan.
>
> so i tell the firewall rule on the LAN interface to block
> everything from WLAN subnet, but i'm still able to receive
> different webpages hosted on the LAN.
>
> also i tried to tell the WLAN interface to block
> everything that has my LAN as destination, same effect.
>
> what's wrong?
>
> greets
>
> juergen
> _______________________________________________
> List mailing list
> List at lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
>
>
> Firewall rules go to the interface on which traffic is received.
> So if you want to block traffic from the WLAN interface to the
> LAN interface, then the rule has to go to the WLAN interface.
> Rules are processed from top to bottom and if a rule catches,
> the rest below is no longer considered.
> Meaning if you have an allow rule above your block rule, the
> allow rule will always catch.
> Put your block rules all the way to the top.
>
> If that doesn't help, send a screenshot of your rules.
> (Overview, not the configuration of the rule itself).
>
> Greetings
> Matthias May
>
> ok, here's a screenshot from my rules.
>
> i want to block / reject access from wlan to lan.
>
> if i try from a box in the wlan to access a webpage from lan it
> just works. that's what i don't want :)
>
> greets.
>
oh and here is the screenshot with the icons on the left.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rules.JPG
Type: image/jpeg
Size: 62489 bytes
Desc: not available
URL: <http://lists.pfsense.org/pipermail/list/attachments/20120125/01116181/attachment-0001.jpe>
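The evaluation order described in the quoted replies (rules are checked only on the interface that receives the traffic, top to bottom, first match wins) can be modelled in a few lines. This is an added example, not part of the original thread and not pfSense code; the subnets, addresses and rule sets are constructed for illustration and are not the rules from the poster's screenshot.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample subnets; not taken from the poster's screenshot.
LAN_NET, WLAN_NET = "192.168.1.0/24", "192.168.2.0/24"

@dataclass
class Rule:
    action: str  # "pass" or "block"
    src: str     # CIDR or "any"
    dst: str     # CIDR or "any"

def _hit(spec, addr):
    return spec == "any" or ip_address(addr) in ip_network(spec)

def evaluate(tabs, in_iface, src, dst):
    """Decide a new connection that arrives on in_iface.

    Only that interface's rules are consulted, top to bottom, and the
    first match wins. With no match, the default is to block.
    """
    for rule in tabs.get(in_iface, []):
        if _hit(rule.src, src) and _hit(rule.dst, dst):
            return rule.action
    return "block"

# Attempt 1: block rule placed on the LAN tab. Never consulted for WLAN traffic.
on_lan_tab = {
    "LAN": [Rule("block", WLAN_NET, "any"), Rule("pass", LAN_NET, "any")],
    "WLAN": [Rule("pass", WLAN_NET, "any")],
}
# Attempt 2: right tab, but a broader pass rule sits above the block rule.
pass_first = {
    "WLAN": [Rule("pass", WLAN_NET, "any"), Rule("block", WLAN_NET, LAN_NET)],
}
# Corrected: block rule at the top of the WLAN tab, source "any".
block_first = {
    "WLAN": [Rule("block", "any", LAN_NET), Rule("pass", WLAN_NET, "any")],
}

def wlan_to_lan(tabs):
    # Constructed WLAN client reaching a constructed LAN web server.
    return evaluate(tabs, "WLAN", "192.168.2.50", "192.168.1.10")

if __name__ == "__main__":
    for name, tabs in [("on_lan_tab", on_lan_tab), ("pass_first", pass_first),
                       ("block_first", block_first)]:
        print(name, "->", wlan_to_lan(tabs))
```

Only the third layout blocks WLAN clients from the LAN while still passing their other traffic.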