@left4apple said in Put IoT reject rules on WAN or LAN?:
What would be the correct way to stop the traffic from getting into pfSense?
As you already stated - on the lan side of pfsense.. Before it enters pfsense..
If someone came to your front door and said hey can I walk through your house to go to your back yard.. Would you stop right there at the front door, or would you let them stomp their muddy feet all through your house and then when they were going to exit your back door say - hey wait a minute I don't want you to go there..