Some questions about rules.
-
As I understand it, the pfSense firewall rules deal with connections, not with packets.
But I didn't see the following rules for TCP connections in rules.debug:
block return-rst quick proto tcp all flags /S
block return-rst quick proto tcp all flags A/A
Rules are allowed to be written only for incoming connections on some interface (IF), with the quick prefix.
All outgoing conections are allowed.
The last rule(s) is (are) block.
All host/net aliases are tables. -
In general it works like this:
- traffic is checked on incoming connections at an interface
- if the connection is allowed it will create a state to allow the reverse connection as well
- first rule wins (top down)
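As an added illustration of the points in the reply (this is not a rules.debug dump from the thread or from pfSense; the interface name em0, the table name and the addresses are made up), a minimal ruleset in pf.conf syntax written the way pfSense lays out its generated rules:

```pf
# Host/net aliases are emitted as tables (assumed names and addresses, not from the thread)
table <admin_hosts> { 192.0.2.10, 192.0.2.11 }

# Default deny. These rules carry no "quick", so a later matching "quick" rule overrides
# them; anything that matches no state and no later rule ends up here.
block in log all
block out log all

# Traffic leaving the firewall is allowed; the state it creates lets the replies back in.
pass out quick all keep state

# Per-interface rules are written for incoming connections only. "quick" makes the first
# matching rule final, which is why evaluation is effectively top-down.
# "flags S/SA" means only a SYN with ACK clear may create the state. A stray ACK, FIN or
# RST that belongs to no existing state never matches these rules and falls through to
# the default block above, so no separate "block ... flags /S" rule is needed.
pass in quick on em0 proto tcp from <admin_hosts> to (em0) port 22 flags S/SA keep state
pass in quick on em0 proto tcp from any to 192.0.2.80 port 443 flags S/SA keep state
```

Two things this makes visible: the default block is silent (drop), whereas a `block return-rst` rule would answer with a TCP RST and reveal that a filter is present; and the "first rule wins" behaviour comes entirely from `quick`, because plain pf otherwise uses last-match semantics, so a pass rule without `quick` placed before the block lines would be overridden by them. A quick check after loading a ruleset is `pfctl -sr` to see the rules in evaluation order and `pfctl -ss` to see the states that allowed connections created.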