Pf rules dont block



  • Hi All,
    I use pfsense 1.2.2 developer and 1.2.3 rc1 i write rule "block 1863 port" but I access to remote server 1863 port :S

    I deny all lan port, pfsense block trafik but i access web 80 and 443. port and open msn messenger but dont running skype, gtalk etc.

    Do you know my fw rule problem.

    My pf rule and image attach to post ..


    pfrules.txt



  • The rule does exactly what you told it to do.
    You have the port 1863 as SOURCE and not as DESTINATION.



  • Thansk for reply,
    I need block a port for lan and wan interface !
    I change rules but still dont runnig ?

    My rule

    http://img80.imageshack.us/img80/9982/pfrule.jpg

    Connection

    http://img80.imageshack.us/img80/3566/31596335.jpg

    what is my problem ?.. What should I do   ???



  • Please read up / learn how the rules work !

    They are processed from top to down.
    If a rule catches, the rules below no longer are considered.

    Your new rule states that a packet has to:
    "Originate from the IP of the LAN interface of the pfSense"  (Are you running MSN on your pfSense O_o)
    "Have a sourceport of 1863"    (This will never happen, because the source port is random)
    "Is destined to the IP of the WAN interface of the pfSense"  (Are you running an MSN server on your pfSense?)
    "The server is running on port 1863"  (This is the only setting which is correct).

    Make a rule:
    Source: any
    Source-port: any
    Destination: any
    Destionation-port: 1863



  • a lot of thanks

    thanks for relation.


Log in to reply