LAN deny iplist inbound/outbound but pfsense itself allow outbound
I've been running pfblocker many years on all interfaces with a couple of ip blocklists with deny inbound and outbound. It works perfect with no issues but now I need to add an iplist that no clients on the LAN is allowed to access but the pfsense box itself must be allowed to access. I can't figure out how to make that work, adding another iplist will block inbound/outbound on the wan as well because I can't tell which interface the list should be applied on or am I missing something (you setup under General which interfaces all lists in pfblocker should be applied on) ?
RonpfS last edited by
The settings under Firewall / pfBlockerNG / IP is for Auto Rules creation.
You can create an IP table with Alias type Action and use it with your own Firewall rules.
Ok, so I don't use pfblocker for this at all :)
I created an alias with all the ip addresses I want to block
Under Firewall/Rules/LAN1 I created a rule
Destination 'Single host or alias' 'my_alias'
I placed the rule after the Pfblocker auto rules and it seems to be working but the question is if I did it correctly ?
Many thanks for the simple solution