Howto: Block static IP?
-
Hi,
I'm new in pfsense. And I'd like to know how to make rules to firewall for blocking lan IP addresses, like example 192.168.0.5.
What I mean is that, when someone choose to his computer static IP like 192.168.0.5 then he/she can't use worldwide internet over that IP.Thank you!
-
Just create a block rule for this IP above your allow rule.
-
I made a picture of my rule. I think there is something wrong - it won't work. :(
-
Yes this wont work because the block rule has to be above the allow rule.
Also if you want to block a single IP you need to have as subnet /32.
With /24 you block the whole subnet. -
Ahhh yes! Thank You! That was the problem. It must be before allow rule! And I put subnet mask 31 because there isn't choice 32. It's working!
-
Ah yes there is only /31 available.
But this is only if you select in the drop-down "network".
You can select "Single host or alias".
With that you can specify a single IP.