PfBlocker Inbound Interface not working correctly

  • I'm new to using pfsense so this may very well be a noob question and I apologize if it is. My current dilemma is that pfblocker will not block incoming packets from the block lists. When lists are set to deny inbound it shows the status as being down. If I set up a list to be deny both (inbound + outbound) the status is up. For some reason it can't correctly see the inbound interface (WAN). As you can see in the screenshots attached only the lists set to deny both work (partially).
    I'm using pfsense as my home router and for the security features. All of the general router settings work but pfblocker won't work correctly. The setup of my network is this:

                                                   |--> Desktop
    modem --> pfsense box --> Cisco Gigabit Switch-|--> Rosewell wifi router
                                                   |--> canon printer

    When I initially set up the router/firewall I had difficulties in assigning the interfaces and that may be an issue. Another issue I had was I had to put in specific DNS servers for the router to get it to initially connect to the internet but once it connected it found different ones.

    Here are the screenshots (only way I could get this to work):

  • pfBlocker works by creating rules for the firewall based on your lists. Also, it doesn't add rules on interfaces with no allow rules, as the "default deny all" rule is already there. Can you post a screenshot of your firewall rules on WAN?

  • Here is a screenshot of the WAN firewall rules. Also, the other day pfblocker on the dashboard widget showed an internal server error. The error code was either 500 or 505, something like that. Attached are screenshots of the WAN; they are attached to the reply instead of a link this time.

    ![firewall - rules - wan.jpg](/public/imported_attachments/1/firewall - rules - wan.jpg)

  • Just like fragged said.

    Pfblocker will create wan (inbound) rules only when there are allow rules on wan.
    Your screenshot only shows default deny all inbound traffic.

  • So what do I need to do to get that working? I see there is the add new rule but what do I need to set up to get this working?

    P.S. I apologize for my ignorance but I'm learning for the first time. Also, thanks for the help!

  • @ShadowVirus:

    So what do I need to do to get that working? I see there is the add new rule but what do I need to set up to get this working?

    It is working. You do not need a deny rule when you have a deny all rule.
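
A simplified model of the point made in the replies above, added here as an example (not pfSense or pfBlocker code): rules are checked top-down with the first match winning and an implicit deny at the end, which is an assumption standing in for the real WAN rule evaluation. The addresses, ports and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample blocklist using a documentation-range network.
BLOCKLIST = [ipaddress.ip_network("203.0.113.0/24")]

# Constructed inbound probes: (source address, destination port).
PROBES = [("203.0.113.7", 443), ("203.0.113.7", 22), ("198.51.100.9", 443)]


def evaluate(rules, src, dport):
    """Return the action of the first matching rule, else the default deny."""
    addr = ipaddress.ip_address(src)
    for action, nets, port in rules:
        src_ok = nets is None or any(addr in n for n in nets)
        if src_ok and port in (None, dport):
            return action
    return "block"  # nothing matched: implicit "default deny all" on WAN


def wan_rules(pass_ports, with_blocklist):
    """Build a WAN rule list: optional blocklist deny on top, then pass rules."""
    rules = [("pass", None, p) for p in pass_ports]
    if with_blocklist:
        rules.insert(0, ("block", BLOCKLIST, None))
    return rules


def blocklist_changes_verdict(pass_ports, probes):
    """True if adding the blocklist deny rule changes the result for any probe."""
    without = wan_rules(pass_ports, False)
    with_bl = wan_rules(pass_ports, True)
    return any(evaluate(without, s, p) != evaluate(with_bl, s, p)
               for s, p in probes)


if __name__ == "__main__":
    # WAN with no pass rules: everything is already dropped by default deny.
    print("no pass rules, blocklist matters:",
          blocklist_changes_verdict([], PROBES))
    # WAN with a pass rule for port 443: the blocklist deny now has an effect.
    print("pass 443, blocklist matters:",
          blocklist_changes_verdict([443], PROBES))
```
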

  • Okay cool. So out of curiosity would that block incoming traffic such as remote connections and if I wanted to set something like that up would I create a pass rule in the WAN firewall?
