Simple block of traffic to port 80 on webserver machine
-
I haven't been able to get to my webserver behind my pfSense box; I've tried several different things. Now I am trying to block access to it from my LAN to my bridge, where it is located. I changed the setting to enable filtering of the bridge and set up a firewall rule to block all web traffic from one IP to the IP host for my website. I set up the rule on both my LAN and Bridge to block traffic, and now I can still get to my website. Just trying to figure out what to do; I'm running 1.0.1 and the filters seem to be reloading, so that's where I am.
Anyone have any ideas?
-
Please add an ASCII draft of your network setup. Also provide the exact rules you created for the blocked traffic.
-
Please add an ASCII draft of your network setup. Also provide the exact rules you created for the blocked traffic.
Is that something available in one of the system log files, or do I have to write it all out? Sorry, I'm still fairly new to pfSense, and firewalling is something I'm trying to learn the correct way to do.
Thanks.
-
You can copy/paste the firewall rules from the webGUI (Firewall > Rules). Concerning the ASCII diagram of your network, you have to simply whip it up yourself.
Oh, and maybe you haven't found this yet: http://pfsense.trendchiller.com/transparent_firewall.pdf (it's linked at pfsense.com, tutorial section).
-
Okay, here are the rules (columns as shown in Firewall > Rules: Proto, Source, Port, Destination, Port, Gateway, Description):

LAN
TCP/UDP   10...17   80 (HTTP)   10...5   80 (HTTP)   *   Block 80 on primary
*         LAN net   *           *        *           *   Default Subnet -> Any

BRIDGE
TCP/UDP   10...17   80 (HTTP)   10...5   80 (HTTP)   *   Block tcp port 80 from t40
*         LAN net   *           *        *           *   Default LAN -> any

Alright, here is my attempt at a network ASCII representation…

10...17
/
LAN (linksys wi-fi) - 10...#
10.../24/ ^
WAN - pfSense | 10...#
~ | 10...5
~ | /
Bridge - 10...#
10..*.#

Does this help at all? I have bridge filtering enabled; any other ideas on things I can do?
-
This is wrong:
TCP/UDP   10...17   80 (HTTP)   10...5   80 (HTTP)   *   Block 80 on primary
To block access to a web server your source port should be * (it is shown to be 80).
This is correct:
TCP/UDP   10...17   *           10...5   80 (HTTP)   *   Block 80 on primary
This rule will block access from 10...17 to the web server on 10...5.
Generally you will never specify the source port, only the destination port.
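The reason the original rule never fired, shown as an added example that is not from the thread: a client opening a connection to port 80 picks a random ephemeral source port, so a rule pinned to source port 80 matches nothing the browser sends. The small first-match evaluator below (pfSense evaluates the rules on an interface tab top to bottom, first match wins) runs the poster's rule set and the corrected one against a constructed client SYN. The addresses 10.0.0.17 and 10.0.0.5 are assumed stand-ins for the elided 10...17 and 10...5, and the "Default Subnet -> Any" pass rule is simplified to match any source.

```python
"""Added illustration (not from the original thread): a minimal first-match
packet filter showing why a block rule with source port 80 does not stop a
client's web connection, while the same rule with source port "*" does."""
from dataclasses import dataclass
from typing import Optional, Tuple

CLIENT = "10.0.0.17"   # assumed stand-in for the poster's elided 10...17
WEBSRV = "10.0.0.5"    # assumed stand-in for the poster's elided 10...5


@dataclass(frozen=True)
class Rule:
    action: str              # "block" or "pass"
    proto: Optional[str]     # "tcp", "udp", or None for any ("*")
    src: Optional[str]       # source address, None for any ("*")
    sport: Optional[int]     # source port, None for any ("*")
    dst: Optional[str]       # destination address, None for any
    dport: Optional[int]     # destination port, None for any
    descr: str

    def matches(self, proto: str, src: str, sport: int,
                dst: str, dport: int) -> bool:
        """A None field is a wildcard; every non-None field must equal the packet's."""
        return all(want is None or want == have
                   for want, have in ((self.proto, proto), (self.src, src),
                                      (self.sport, sport), (self.dst, dst),
                                      (self.dport, dport)))


def evaluate(rules, proto: str, src: str, sport: int,
             dst: str, dport: int) -> Tuple[str, str]:
    """First matching rule wins, top to bottom; no match means the default deny."""
    for rule in rules:
        if rule.matches(proto, src, sport, dst, dport):
            return rule.action, rule.descr
    return "block", "implicit default deny"


# The poster's original rule set: source port pinned to 80 (the mistake).
WRONG = [
    Rule("block", "tcp", CLIENT, 80, WEBSRV, 80, "Block 80 on primary"),
    Rule("pass", None, None, None, None, None, "Default Subnet -> Any"),
]

# The corrected rule set from the reply: source port "*".
RIGHT = [
    Rule("block", "tcp", CLIENT, None, WEBSRV, 80, "Block 80 on primary"),
    Rule("pass", None, None, None, None, None, "Default Subnet -> Any"),
]


def client_syn(sport: int = 51234):
    """Constructed packet: a browser on the client picks an ephemeral source
    port (51234 here, chosen arbitrarily) and connects to the server's port 80."""
    return ("tcp", CLIENT, sport, WEBSRV, 80)


if __name__ == "__main__":
    # Source port 51234 != 80, so the block rule is skipped and the pass rule wins.
    print("original rules:", evaluate(WRONG, *client_syn()))
    # Source port wildcarded, so the block rule matches the same connection.
    print("corrected rules:", evaluate(RIGHT, *client_syn()))
```

Every fresh connection from the client lands on a different ephemeral port, so with the original rule set it passes no matter how many times the page is reloaded; the corrected rule blocks all of them, and traffic to other destination ports (HTTPS, for instance) still falls through to the pass rule.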
-
Okay, I got it working; it's tricky if you don't know what you are doing. Thanks for your help!