Can anyone help me understand better how firewalling on pfSense works?
-
Hello everyone,
I´am trying to understand how firewalling in pfSense works.
I believe that packets come in at the WAN interface and gets
forwarded to the LAN interface. I have firewall rules blocking
all traffic at the WAN interface but I am still able to receive
traffic at the LAN interface while there are no allow rules at
the WAN interface.Another example is if I block an IP address at the WAN interface
I still get entries in my IDS on a computer connected to the
LAN. I thought that those packets would never reach the
computers attached to the LAN if I blocked the traffic at the
WAN interface.Can anybody help me understand how this works?
Thanks in advance.
-
It's the same as any stateful firewall. Basic explanation here:
http://doc.pfsense.org/index.php/Firewall_Rule_Basicsdetailed explanation in http://pfsense.org/book