block ip with multi wan ip



  • Hello,
    I have 4 WAN IP addresses on my pfSense. I want it so that if someone sends a packet to my second WAN IP, it automatically blocks him.
    Is it possible?


  • Netgate Administrator

    Not sure I understand the question. All traffic arriving at a WAN address will be blocked by default.

    Do you mean from the inside? What sort of block do you want there?

    Steve



  • For example, my WAN IP is 1.1.1.1 with subnet 255.255.255.248.
    Now I want everyone who tries to reach 1.1.1.2 to be blocked, whether it is WAN or LAN.

    I don't want to block all IPs. I need it to automatically block only those who send traffic to this IP (1.1.1.2)
    and make a blacklist of these IPs. Is it possible?


  • Netgate Administrator

    You could probably do that with a custom rule in Snort. Trigger on any traffic with destination 1.1.1.2.

    I assume those are just example IPs since that's public address space.

    Steve



  • Thank you, it's working.
    For the archive, these are my custom rules:

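    # Each rule needs its own sid; local rules conventionally use sid >= 1000000
    drop tcp $EXTERNAL_NET any -> 1.1.1.2/32 any (msg:"Ignore all traffic"; sid:1000001; rev:1;)
    drop udp $EXTERNAL_NET any -> 1.1.1.2/32 any (msg:"Ignore all traffic"; sid:1000002; rev:1;)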
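
Added example, not part of the thread: one way to turn the alerts that such rules produce into the blacklist asked about above, by collecting every source that sent traffic to the unused address. It assumes Snort's "fast" alert log format; `build_blacklist`, `never_block` and the sample log lines are constructed for illustration.

```python
import ipaddress
import re

# Snort "fast" alert line:
#   time [**] [gid:sid:rev] msg [**] [Priority: n] {PROTO} src[:port] -> dst[:port]
ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[\d+:(?P<sid>\d+):\d+\].*?\{(?P<proto>\w+)\}\s+"
    r"(?P<src>\d+\.\d+\.\d+\.\d+)(?::\d+)?\s+->\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)(?::\d+)?"
)

def build_blacklist(lines, decoy_ip, never_block=()):
    """Return sorted (source_ip, hit_count) pairs for traffic sent to decoy_ip.

    never_block lists networks that must not be blacklisted (own subnet,
    upstream gateway), so a stray packet cannot lock out the operator.
    """
    decoy = ipaddress.ip_address(decoy_ip)
    protected = [ipaddress.ip_network(n) for n in never_block]
    hits = {}
    for line in lines:
        m = ALERT_RE.search(line)
        if not m:
            continue                      # not an alert line
        if ipaddress.ip_address(m["dst"]) != decoy:
            continue                      # alert for some other destination
        src = ipaddress.ip_address(m["src"])
        if any(src in net for net in protected):
            continue                      # allowlisted source
        hits[src] = hits.get(src, 0) + 1
    return [(str(ip), n) for ip, n in sorted(hits.items())]

# Constructed sample log lines (documentation address ranges as sources).
SAMPLE_ALERTS = [
    "08/28-10:15:02.113421  [**] [1:1000001:1] Ignore all traffic [**] [Priority: 0] {TCP} 203.0.113.7:51514 -> 1.1.1.2:22",
    "08/28-10:15:03.220010  [**] [1:1000002:1] Ignore all traffic [**] [Priority: 0] {UDP} 198.51.100.23:5060 -> 1.1.1.2:5060",
    "08/28-10:15:09.000100  [**] [1:1000001:1] Ignore all traffic [**] [Priority: 0] {TCP} 203.0.113.7:51520 -> 1.1.1.2:23",
    "08/28-10:16:40.500000  [**] [1:1000099:1] Unrelated constructed alert [**] [Priority: 2] {TCP} 192.0.2.50:80 -> 1.1.1.1:40000",
    "08/28-10:17:00.000000  [**] [1:1000001:1] Ignore all traffic [**] [Priority: 0] {TCP} 1.1.1.6:443 -> 1.1.1.2:50000",
    "not an alert line",
]

if __name__ == "__main__":
    for ip, count in build_blacklist(SAMPLE_ALERTS, "1.1.1.2", ["1.1.1.0/29"]):
        print(ip, count)
```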

