Pf rules dont block
-
Hi All,
I use pfsense 1.2.2 developer and 1.2.3 rc1 i write rule "block 1863 port" but I access to remote server 1863 port :SI deny all lan port, pfsense block trafik but i access web 80 and 443. port and open msn messenger but dont running skype, gtalk etc.
Do you know my fw rule problem.
My pf rule and image attach to post ..
pfrules.txt -
The rule does exactly what you told it to do.
You have the port 1863 as SOURCE and not as DESTINATION. -
-
Please read up / learn how the rules work !
They are processed from top to down.
If a rule catches, the rules below no longer are considered.Your new rule states that a packet has to:
"Originate from the IP of the LAN interface of the pfSense" (Are you running MSN on your pfSense O_o)
"Have a sourceport of 1863" (This will never happen, because the source port is random)
"Is destined to the IP of the WAN interface of the pfSense" (Are you running an MSN server on your pfSense?)
"The server is running on port 1863" (This is the only setting which is correct).Make a rule:
Source: any
Source-port: any
Destination: any
Destionation-port: 1863 -
a lot of thanks
thanks for relation.