How to Block a running ping (solved)

  • I am having a strange issue...

    I have a rule that blocks ping (echo requests) from the LAN network interface to an OpenVPN client interface (OVP1); the rule is working fine, blocking the ping to the prohibited network...

    For example, if I start a ping on a machine to the prohibited network, it gives:

    Timed out.
    Timed out.
    Timed out.

    When I disabled the rule, obviously:

    Answer from...
    Answer from...
    Answer from...

    Which I think is perfectly correct.

    But then when I re-enable the block rule, the ping doesn't stop, unless I stop the ping on the machine before changing the rule. I tried waiting some minutes, thinking pfSense needed to reload the rules, but the pings are still running. So what I am seeing is that it is impossible to stop a ping that is already running, even if I block all the firewall traffic on all interfaces, which is very unexpected for me, having used until now other firewalls like iptables, Endian, or Cisco ASA FW. Other protocols seem not to have this issue.

    I am creating the rule as a floating rule and marking "Apply the action immediately on match". I tried to create it in the LAN tab too, but the effect was exactly the same.

    On Endian FW, for example, I am able to stop the ping immediately if the rule is re-enabled.

    What is wrong with me?

  • Established states are not affected by rule changes. Kill them first via Diagnostics - States.
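
The same cleanup can be done from the firewall's shell instead of the GUI. The following is an added example, not part of the thread: it filters a `pfctl -ss` state listing for ICMP states between two hosts and prints the `pfctl -k` commands that would remove them. The function names, interface names and addresses are constructed for illustration, and the sample listing assumes IPv4.

```shell
#!/bin/sh
# Added example, not from the thread. All names and addresses are constructed.

# Constructed sample in the format of `pfctl -ss` (one state per line).
# The second line is a NAT state: translated source first, original in parentheses.
SAMPLE_STATES='igb1 icmp 192.168.1.50:31201 -> 10.8.0.20:31201       0:0
ovpnc1 icmp 10.8.0.6:4411 (192.168.1.50:31201) -> 10.8.0.20:4411       0:0
igb1 tcp 192.168.1.50:51544 -> 10.8.0.20:443       ESTABLISHED:ESTABLISHED
igb1 icmp 192.168.1.77:802 -> 10.8.0.20:802       0:0'

# icmp_states SRC DST
# Reads a state listing on stdin and prints the ICMP states whose source side
# mentions SRC and whose destination side mentions DST. IPv4 only.
icmp_states() {
    awk -v src="$1" -v dst="$2" '
        $2 == "icmp" {
            seen_arrow = 0; s = 0; d = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "->") { seen_arrow = 1; continue }
                f = $i
                gsub(/[()]/, "", f)      # original address of a NAT state
                sub(/:[0-9]+$/, "", f)   # drop the ICMP id after the colon
                if (!seen_arrow && f == src) s = 1
                if (seen_arrow && f == dst) d = 1
            }
            if (s && d) print
        }'
}

# kill_commands SRC DST
# Prints one `pfctl -k <source> -k <destination>` command per distinct source
# address shown in the matching states (LAN address and translated address).
# pfctl -k matches on addresses, not protocol, so other states between the
# same pair (the TCP line in the sample) are removed as well.
kill_commands() {
    icmp_states "$1" "$2" | awk -v dst="$2" '
        {
            a = $3; sub(/:[0-9]+$/, "", a)
            if (!(a in seen)) { seen[a] = 1; print "pfctl -k " a " -k " dst }
        }'
}

# On the firewall itself: pfctl -ss | kill_commands 192.168.1.50 10.8.0.20
printf '%s\n' "$SAMPLE_STATES" | kill_commands 192.168.1.50 10.8.0.20
```

Review the printed commands before running them; once the states are gone, the next echo request is evaluated against the current ruleset and hits the block rule.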

  • Thank you very much! I am trying to mark it as solved; how do I do this?

  • Edit the title and put a [Solved] in front is what people usually do.

  • That is exactly what I am trying to do; a message saying that spam is detected appears.

  • No idea. If you're the OP then the board should let you edit anything about the post.

  • Thanks, I removed [] and used () and now it's done.
