3. Adding a deny rule in console using easyrule

Adding a deny rule in console using easyrule

  • J

    I have been trying to learn easyrule within the pfsense console and I am stuck on trying to create an easyrule command in order to create a Lan rule that blocks any port from any source ip to any destination ip. Basically, a deny any any rule. From what I have gathered, easyrule can only be used to block a specific ip address and not even a port.

    PS: I am aware it would be so much easier to go to the web gui and use the rules, lan page to add a rule like this. Thanks for the help in advance!

    0
  • Rebel Alliance Developer Netgate

    The block function only works by source IP address. That's just how the utility was coded. It's original purpose was for blocking and passing items seen in the firewall log. From there, the most secure choice was to assuming blocking meant anything from that address, and for passing the most secure choice was to be specific and only pass to one IP address/proto+port.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy