deny Internet connection for LAN
-
Remove the Default Allow LAN to any rule in your LAN firewall rules.
-
@KOM Sorry, I don't have this rule.
If to remove a proxy from the browser, in Pf to stop squid - there is also no Internet.
Help to understand, please, how correctly it is necessary to configure.
I want to prohibit access to the Internet passing a proxy (squid). -
@DimmKo said in deny Internet connection for LAN:
Sorry, I don't have this rule.
So you removed the rule manually? This rule is there by default for the first LAN interface.
-
@KOM said in deny Internet connection for LAN:
So you removed the rule manually? This rule is there by default for the first LAN interface.
Firewall -> Rules -> LAN
If I correctly understand. There is not this rule. -
Post a screenshot of your LAN rules.
-
@KOM Thank's fir your help.
Tommorow I will add screenshot. -
Here are my LAN rules, for example. I've highlighted the Default allow LAN to any rule at the bottom.
-
@KOM Hello.
This is my screenshot form PfSense: Firewall -> Rules -> LAN.
Sorry for big size.I can't past image into spoiler.(((
-
Wow, that's a LOT of rules for a LAN. Just to clarify, when you said "I want to block access to Internet from my LAN PC.", did you mean just your PC alone? And by "Internet", do you mean just http/s or ALL traffic of any type?
If you want to block only your PC, then you need to add a block rule ABOVE any rules that permit tcp80,443 access. The Source would be your PC's IP address. The Destination would be any, ports would be http & https (one rule for each).
-
@KOM Thank you for your answer!
I'm sorry for my long silent.
Lock rule three times on top - .0.123 - but it don't work. -
Go to Diagnostics - States and reset your states. Existing states are not affected by a block rule change.
