About how Firewall rulles are applied
-
Hi!
Here is situation:p f S e n s e
MACHINE–----LAN------WAN------SERVER
packet -> -> check? -> check?-> ->I have pfSense witch can route packets between LAN and WAN
When I send a pocket from machine connected to LAN to a server connected somewhere in the Internet (to WAN), on witch port pocket filter do the filtering work?
I wonder, if firewall rulles are doublechecked on the LAN port at first, and at the WAN port at second?
In another words,
Firewall rulles are applied on a port, on witch packets come in(LAN), or from witch port they come out(WAN), or on both of this ports?I am really confused about it.
I would really appriciate the description on how it really works.
Thank You a Lot -
@http://forum.pfsense.org/index.php/topic:
Rules are processed from top to down.
If a rule catches the rest of the rules is no longer considered.
Per default a "block all" rule is always in place (invisible below your own rules).Traffic is filtered on the Interface on which traffic comes in.
So traffic coming in on the LAN-Interface will only be processed by the rules you define on the LAN tab. -
Thank You!
:D 8)
