Blocking Specific Outbound IP Address?



  • This post is deleted!


  • You would specify a rule on your outgoing interface (LAN) that blocks access to the IP address in question.

    So under "Firewall->Rules->LAN" add a rule that blocks from Source:Any, Protocol:Any, Destination:the IP you want to block.

    See the docs for more info:https://doc.pfsense.org/index.php/Firewall_Rule_Basics



  • A subtle distinction about rules in pfSense that may differ from other products:  they are applied in the inbound direction on an interface.  Inbound means you are sitting in the middle of the box, between the LAN and WAN.  Traffic from your clients is inbound on LAN;  traffic from the rest of the world is inbound on WAN.  That's why you add the rule to the LAN interface.



  • Add the rule on the WAN interface as a floating rule. Set the direction of the rule as "out" and check the "Quick" option on the rule to make it apply immediately so that no other rule could override the block rule.



  • I certainly wouldn't suggest a floating rule for what is presented as a very basic single interface/direction firewall case.

    Just my $.02


Log in to reply