WAN rules not working, what am I doing wrong?

  • I got this very simple Pfsense setup for testing purposes, but im experiencing some problems with the firewall rules. It seems none of my WAN firewall rules are working.

    Here is a visio drawing of my setup, including IP addresses and gateways etc.

    Now internet is working on my client, but when I make an all-blocking WAN rule It doesn't do anything at all.

    This rule should block all internet traffic right? (never mind the torrent/emule accept rules, I tested without them too)

    On my LAN nic I have an all-accept rule

    I enabled logging on both rules and this is what I'm getting, lots of LAN accepts and some WAN blocks.
    I just don't get it:

    Shouldn't I be getting LOTS of WAN blocks everytime I try to surf to a website or anything?
    Could anybody enlighten me? what am I doing wrong?

  • Firewall rules are applied to incoming traffic on an interface, not on traffic leaving the interface. If you block everything on WAN you are not limiting outgoing connections coming from LAN, only incoming connections on WAN.

  • Ok that was too easy! guess I learned something.. It's working perfectly fine now, thank you.

Log in to reply