block ip with multi wan ip
-
Hello,
i have on my pfsense 4 WAN IP address, i want if someone send packet to my second WAN IP, it automatically block him
does it possible? -
Not sure I understand the question. All traffic arriving at a WAN address will be blocked by default.
Do you mean from the inside? What sort of block do you want there?
Steve
-
for example my wan IP 1.1.1.1 with subnet 255.255.255.248
now i want everyone who try to get 1.1.1.2 going be block if it wan or lan.i dont want block all IPs , i need it block automatically only who send a traffic to this IP (1.1.1.2)
and do blacklist with this IPs, does it possible? -
You could probably do that with a custom rule in Snort. Trigger on any traffic with destination 1.1.1.2.
I assume those are just example IPs since that's public address space.
Steve
-
thank you, it working.
for archive this my custom rules:drop tcp $EXTERNAL_NET any -> 1.1.1.2/32 any (msg:"Ignore all traffic"; sid: 1;)
drop udp $EXTERNAL_NET any -> 1.1.1.2/32 any (msg:"Ignore all traffic"; sid: 1;)
