Netgate Discussion Forum

    LAN deny iplist inbound/outbound but pfsense itself allow outbound

      seanr22a

      I've been running pfblocker for many years on all interfaces with a couple of IP blocklists with deny inbound and outbound. It works perfectly with no issues, but now I need to add an iplist that no clients on the LAN are allowed to access but the pfsense box itself must be allowed to access. I can't figure out how to make that work; adding another iplist will block inbound/outbound on the WAN as well because I can't tell which interface the list should be applied on. Or am I missing something (you set up under General which interfaces all lists in pfblocker should be applied on)?

        RonpfS

        The settings under Firewall / pfBlockerNG / IP are for Auto Rules creation.

        You can create an IP table with Alias type Action and use it with your own Firewall rules.

        2.4.5-RELEASE-p1 (amd64)
        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

          seanr22a

          @RonpfS

          Ok, so I don't use pfblocker for this at all :)

          I created an alias with all the IP addresses I want to block

          Under Firewall/Rules/LAN1 I created a rule
          Reject
          LAN1
          IPv4
          Any

          Source Any
          Destination 'Single host or alias' 'my_alias'

          I placed the rule after the pfBlocker auto rules and it seems to be working, but the question is if I did it correctly?

          Many thanks for the simple solution 👍
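
Added example, not part of the thread and not pfSense or pfBlockerNG code: a simplified Python model of first-match evaluation for rules on an interface tab, showing why a Reject on LAN1 to the alias stops LAN clients while traffic originated by the firewall itself is unaffected, and why the rule's position matters. The addresses, the trailing pass-any rule and all function names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample data: documentation-range addresses, not values from the thread.
ALIASES = {"my_alias": ["203.0.113.10", "198.51.100.0/24"]}

@dataclass
class Rule:
    action: str  # "pass" or "reject"
    dst: str     # "any" or an alias name

def dst_matches(rule, dst_ip):
    """True if dst_ip falls inside the rule's destination (alias or any)."""
    if rule.dst == "any":
        return True
    addr = ipaddress.ip_address(dst_ip)
    return any(addr in ipaddress.ip_network(n) for n in ALIASES[rule.dst])

def evaluate(rules, ingress_if, dst_ip):
    """Simplified model: interface-tab rules are checked only for traffic that
    ENTERS that interface, top down, and the first matching rule decides."""
    if ingress_if is None:
        # Traffic originated by the firewall itself enters no interface, so no
        # interface-tab rule sees it; it leaves under the default allow-out.
        return "pass (firewall-originated)"
    for rule in rules.get(ingress_if, []):
        if dst_matches(rule, dst_ip):
            return rule.action
    return "block (default deny)"

# Order as in the post: reject to the alias, then an assumed pass-any rule.
GOOD = {"LAN1": [Rule("reject", "my_alias"), Rule("pass", "any")]}
# Same rules, but the reject sits below a broader pass and is never reached.
SHADOWED = {"LAN1": [Rule("pass", "any"), Rule("reject", "my_alias")]}

if __name__ == "__main__":
    for name, ruleset in (("GOOD", GOOD), ("SHADOWED", SHADOWED)):
        print(name, "LAN client -> listed IP:", evaluate(ruleset, "LAN1", "203.0.113.10"))
        print(name, "LAN client -> other IP: ", evaluate(ruleset, "LAN1", "192.0.2.5"))
        print(name, "firewall   -> listed IP:", evaluate(ruleset, None, "203.0.113.10"))
```
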
