Configure pfBlockerNG to Filter 1-1 NAT and/or Port Forwards
Ref: Running on Netgate 1100. pfSense+ 23.01. pfBlockerNG 3.2.0_3
I have not found the correct settings to let the 1100 apply filtering to either a 1-1 NAT or Port Forwards. The only purpose of the 1100 is to keep malicious actors out of my system.
I would really appreciate someone pointing me in the right direction on configuring the 1100. A system diagram is attached.
@mpfrench Are you trying to block certain lists? Or allow certain countries? For instance I will often have pfB create Alias Native aliases, and then use that alias as the source on a NAT rule.
If you're trying to block you can create rules on WAN to block access. See the image at the top of https://docs.netgate.com/pfsense/en/latest/nat/process-order.html. Again I'd create the list as Alias Native and then make my own rules as needed.
@steveits Thanks for your suggestion. I got it to work after a fashion. The autoconfiguration of pfBlockerNG puts the blocking on only the LAN. When I added it to the WAN, it began to operate as I desired.
I wonder why the autoconfigure ever puts the rule on the LAN instead of the WAN when the purpose of pfBlocker is to keep bad crap out of your system.