Can anyone help me understand better how firewalling on pfSense works?
I´am trying to understand how firewalling in pfSense works.
I believe that packets come in at the WAN interface and gets
forwarded to the LAN interface. I have firewall rules blocking
all traffic at the WAN interface but I am still able to receive
traffic at the LAN interface while there are no allow rules at
the WAN interface.
Another example is if I block an IP address at the WAN interface
I still get entries in my IDS on a computer connected to the
LAN. I thought that those packets would never reach the
computers attached to the LAN if I blocked the traffic at the
Can anybody help me understand how this works?
Thanks in advance.
It's the same as any stateful firewall. Basic explanation here:
detailed explanation in http://pfsense.org/book