Some questions about rules.

  • As I understand it, the pfSense firewall rules deal with connections, not with packets.
    But I didn't see the following rules for TCP connections in rules.debug:
    block return-rst quick proto tcp all flags /S
    block return-rst quick proto tcp all flags A/A.
    Rules are allowed to be written only for incoming connections on some interface, with the prefix quick.
    All outgoing connections are allowed.
    The last rule(s) is (are) block.
    All host/net aliases are tables.

  • In general it works like this:

    • traffic is checked on incoming connections at an interface
    • if the connection is allowed it will create a state to allow the reverse connection as well
    • first rule wins (top down)
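As an added illustration of the three points above (this is example pf syntax written for this thread, not a fragment of pfSense's generated rules.debug; the interface name em0, the alias name admins and the 192.0.2.0/24 addresses are assumed for illustration):

```pf
# Example ruleset (added here, not taken from pfSense's rules.debug).
# Interface em0, the <admins> table and the 192.0.2.x addresses are assumed.
ext_if = "em0"
table <admins> { 192.0.2.10, 192.0.2.11 }   # host alias kept as a table, as pfSense does

# Rules are evaluated for packets arriving *in* on the interface. Plain pf uses
# "last matching rule wins"; the "quick" keyword stops evaluation at the first
# match, which is how pfSense gets "first rule wins (top down)".
pass in quick on $ext_if proto tcp from <admins> to ($ext_if) port 22 keep state
pass in quick on $ext_if proto tcp from any to ($ext_if) port 443 keep state

# Once a connection is passed, its state entry matches the replies and every
# later packet of that connection, so no rule for the return direction is needed.

# Outbound connections from the firewall itself are allowed; the state is
# created on the way out and the inbound replies match it.
pass out quick on $ext_if keep state

# Default deny: anything that reached this point without matching is dropped.
block in quick on $ext_if
```

Reordering the two pass rules above changes nothing here because they match disjoint traffic, but placing the final block rule above them would drop everything, which is the practical consequence of "first rule wins": the most specific pass rules go first and the catch-all block goes last.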

