4. Bridged Firewall

Bridged Firewall

  • P

    The recently removed option in System->Advanced says:

    Enable filtering bridge
    This setting no longer exists as it is unnecessary. Filtering occurs on the member interfaces of the bridge and cannot be disabled.

    The operative word there is interfaceS - i.e. plural. My question is… Why can I only add filter rules (which work) to block traffic from certain hosts on the optional interface that forms the far side of the bridge from the WAN interface, where the packets come in on. That's to say if I have WAN and OPT1 bridged, why do firewall rules for inbound packets only work when they're assigned to OPT1 and not WAN?

    This means that, if I want to block a source address from sending packets to both the other side of the bridge and the pfsense box itself, I need to add 2 duplicate rules on 2 different interfaces.

    Am I missing something here or is this illogical?

    Phil

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy