Default - all closed or all open? (A question of policy)
-
I have a firewall running with two wan interfaces and two lan interfaces. I have had a hard time getting things set up so that all traffic between the lan interfaces is blocked. I think I finally got it.
So to me, it seems like pfSense has a policy of defaulting to all open. Is this correct?
And if it is correct, would it not be better to have a policy of all closed so whatever you want to do, you specifically have to open for it?
-
Nope - Unless a rule passes traffic, it's blocked.
Default is drop silently.
-
Depends how you look at it, yes by default outbound from the 1st lan network is open. Inbound from the wan is blocked.
If you add a new lan interface, say lan2, the default is blocked outbound. But from lan1 to lan2 it would be open.
-
^^^^ True - But if the 1st LAN had no pass rule, NEWBS like me would be locked out at install and begging johnpoz for help to get in ;D
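
The behaviour described in the replies above, as an added example that is not part of the original thread and not pfSense's own code: a simplified Python model of first-match rule evaluation on the interface where traffic enters, with an implicit default deny. The addresses, rule tuples and function names are constructed for illustration, and only new connections are modelled (stateful reply traffic is not).

```python
from ipaddress import ip_address, ip_network

# Constructed sample networks (assumptions, not from the thread).
NETS = {"LAN": ip_network("192.168.1.0/24"), "LAN2": ip_network("192.168.2.0/24")}
ANY = ip_network("0.0.0.0/0")

def ingress_interface(src):
    """Interface a new connection arrives on, chosen by source address."""
    for name, net in NETS.items():
        if ip_address(src) in net:
            return name
    return "WAN"

def evaluate(rulesets, src, dst):
    """First matching rule on the ingress interface decides; no match means drop."""
    for action, src_net, dst_net in rulesets.get(ingress_interface(src), []):
        if ip_address(src) in src_net and ip_address(dst) in dst_net:
            return action
    return "block"  # implicit default deny (silent drop)

# State described in the thread: the first LAN ships with a pass-any rule,
# an added LAN2 and the WAN have no pass rules.
default_rules = {"LAN": [("pass", NETS["LAN"], ANY)], "LAN2": [], "WAN": []}

# Isolation: a block rule for LAN -> LAN2 placed above the pass-any rule.
isolated_rules = {
    "LAN": [("block", NETS["LAN"], NETS["LAN2"]), ("pass", NETS["LAN"], ANY)],
    "LAN2": [],
    "WAN": [],
}

def report(rulesets):
    """Verdict for each constructed sample flow under the given rulesets."""
    flows = {
        "LAN->LAN2": ("192.168.1.10", "192.168.2.10"),
        "LAN2->LAN": ("192.168.2.10", "192.168.1.10"),
        "LAN->internet": ("192.168.1.10", "203.0.113.5"),
        "internet->LAN": ("203.0.113.5", "192.168.1.10"),
    }
    return {name: evaluate(rulesets, s, d) for name, (s, d) in flows.items()}

if __name__ == "__main__":
    print("default :", report(default_rules))
    print("isolated:", report(isolated_rules))
```

Rule order matters in this model: if the block rule is placed below the pass-any rule on LAN, the pass rule matches first and LAN to LAN2 traffic is still allowed.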