Block everything except PPPoE using new ethernet rules on desired interface

w0w

PPPoE is a layer 2 protocol that uses ID 0x8864 for session and 0x8863 for discovery. I've created two rules on the PPPoE parent interface to enable these protocols. Now, I want to block all other protocols on that interface. However, when I add a rule with the protocol set to "any" and the action set to "block" after those two rules, everything stops working on this interface. What am I doing wrong?

viragomann

@w0w
Did you enable Ethernet Filtering in pfSense?
It's only available in Plus.

Then you have to select "Other" at protocol, so you get a box to enter the type ID.

w0w

@viragomann
Yes it's plus, ethernet rules are enabled and as I said rules are already created, the question remains how to disable ALL other protocols, except those mentionied.

viragomann

@w0w
They are allowed by default. So you might have to block all unwanted traffic, as you tried already.
So what if you add rules to allow the desired ones, followed by a block rule for any?

w0w

Looks like this setting did the trick:

Quick    Apply the action immediately on match.