5. Reject rule with any protocol?

Reject rule with any protocol?

  • C

    2.0-BETA5 (amd64)
    built on Wed Feb 16 23:27:05 EST 2011

    I just created a firewall rule with Action:reject, Protocol:any. Pfsense used to complain that I must select TCP, UDP or TCP/UDP as the protocol when creating a reject rule. Is this a feature or a bug? I haven't had a chance yet to test the result of this new rule.

    0
  • R

    you can only reject TCP and UDP packets.  better to use Block anyway.  Google: Block vs. Reject TCP

    Roy..

    Edit: It's OK to use Reject on your LAN rules but use Block on your WAN rules.

    0
  • C

    @rpsmith:

    Edit: It's OK to use Reject on your LAN rules but use Block on your WAN rules.

    Yeah, I'm working on the LAN rules. As for the WAN side, yeah, I've read a bunch of discussions and there doesn't appear to be a consensus.

    I'm still wondering why pfsense used to refuse to make a reject rule for any protocol, and now it does. Maybe the rule is interpreted as a block for non-TCP/UDP packets?

    0
  • R

    not all protocols support a reject packet.  a block rule doesn't require protocol support.

    Roy…

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy