Netgate Discussion Forum

    Blocking Wyze/IoT devices from phoning home

      krizzle

      Hello,

      I have some devices that I would like to restrict from phoning home outside of my network. I believe I have the process done correctly, but I'm fairly new to networking and I would like to double-check for my sanity. To block these devices I checked their states by inputting the specific IP for the device to see where they were going. From there I set up a floating firewall rule with the settings in the image below. The IP of the device is in the blue censored area.

      [Image: pfsense.JPG]

      Is this all I need to do to block a device from talking outside of my network?

      Thanks for the help.

        johnpoz LAYER 8 Global Moderator

        There is no reason to do that in the any direction, nor would your local IP ever be a source IP into your wan.

        If you don't want say IP 192.168.1.100 from talking outbound, then just on this lan - on the top of your rules block that source IP.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07 | Lab VMs 2.8, 25.07

          krizzle

          @johnpoz So what should be changed to allow me to block devices from talking out? How does my rule need to be set up? Direction only set to Out? Also, does the IP of the IoT device get put in the destination section?

            johnpoz LAYER 8 Global Moderator

            The rule would be for lan only, and it would only need to be in.. Or just put the rule on the lan interface directly.. Floating tab is really for special use.. Such a basic rule has no place on floating..

            And you're going to want to make the rule quick if on floating.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 25.07 | Lab VMs 2.8, 25.07
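
As an added illustration (not part of either poster's reply and not pfSense code), this small Python model of pf rule evaluation shows why the last reply says a floating rule should be made quick. It assumes that a non-quick match is only remembered and can be overridden by a later match, that floating rules are evaluated before interface-tab rules, and that interface-tab rules always behave as quick; the LAN allow rule and the 192.168.1.50 host are constructed.

```python
# Minimal model of pf rule evaluation (added example, simplified).
# Assumptions: floating rules come before interface-tab rules; interface-tab
# rules are always "quick"; without "quick" the last matching rule wins;
# a packet that matches nothing is dropped (default deny).
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class Rule:
    action: str            # "pass" or "block"
    iface: str             # interface the rule is attached to
    direction: str         # "in", "out" or "any"
    src: str               # source network in CIDR form
    quick: bool = True     # interface-tab rules are always quick

def evaluate(rules, iface, direction, src_ip):
    """Return the action taken for one packet arriving on iface."""
    verdict = "block"                      # default deny when nothing matches
    for r in rules:
        if r.iface != iface or r.direction not in (direction, "any"):
            continue
        if ip_address(src_ip) not in ip_network(r.src):
            continue
        if r.quick:
            return r.action                # first quick match ends evaluation
        verdict = r.action                 # non-quick: remember and keep going
    return verdict

IOT = "192.168.1.100"                      # example address used in the thread
LAN_ALLOW = Rule("pass", "lan", "in", "192.168.1.0/24")  # constructed LAN allow rule

def ruleset(kind):
    block = dict(action="block", iface="lan", direction="in", src=IOT + "/32")
    if kind == "floating-no-quick":
        return [Rule(**block, quick=False), LAN_ALLOW]
    if kind == "floating-quick":
        return [Rule(**block, quick=True), LAN_ALLOW]
    if kind == "lan-top":                  # block rule first on the LAN tab
        return [Rule(**block), LAN_ALLOW]
    raise ValueError(kind)

def verdicts(src_ip):
    return {k: evaluate(ruleset(k), "lan", "in", src_ip)
            for k in ("floating-no-quick", "floating-quick", "lan-top")}

if __name__ == "__main__":
    print(IOT, verdicts(IOT))
    print("192.168.1.50", verdicts("192.168.1.50"))
```

In this model the floating block without quick is overridden by the LAN allow rule, while the quick floating rule and the block placed at the top of the LAN tab both stop the device and leave other LAN hosts unaffected.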
