Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfBlocker Inbound Interface not working correctly

    Scheduled Pinned Locked Moved pfSense Packages
    7 Posts 3 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      ShadowVirus
      last edited by

      I'm new to using pfsense so this may very well be a noob question and I apologize if it is. My current dilemma is that pfblocker will not block incoming packets from the block lists. When lists are set to deny inbound it shows the status as being down. If I set up a list to be deny both (inbound + outbound) the status is up. For some reason it can't correctly see the inbound interface (WAN). As you can see in the screenshots attached only the lists set to deny both work (partially).
      I'm using pfsense as my home router and for the security features. All of the general router settings work but pfblocker won't work correctly. The setup of my network is this:

      |–> Desktop
      modem --> pfsense box --> Cisco Gigabit Switch-|--> Rosewell wifi router
                                                                        |--> canon printer

      When I initially set up the router/firewall I had difficulties in assigning the interfaces and that may be an issue. Another issue I had was I had to put in specific DNS servers for the router to get it to initially connect to the internet but once it connected it found different ones.

      here is the screenshots(only way i could get this to work):
      https://www.dropbox.com/sh/auc1qzqmgtyj0qq/PWRe8tRnnn

      1 Reply Last reply Reply Quote 0
      • F
        fragged
        last edited by

        pfBlocker works by creating rules for the firewall based on your lists. Also, it doesn't add rules on interfaces with no allow rules as the "default deny all" rule is already there. Can you post a screenshot of your firewall rules on WAN.

        1 Reply Last reply Reply Quote 0
        • S
          ShadowVirus
          last edited by

          Here is a screenshot of the WAN firewall rules. Also, the other day pfblocker on the dashboard widget showed a internal server error. The error code was either 500 or 505, something like that. Attached are screenshots of the WAN; they are attached to the reply instead of a link this time.

          ![firewall - rules - wan.jpg](/public/imported_attachments/1/firewall - rules - wan.jpg)
          ![firewall - rules - wan.jpg_thumb](/public/imported_attachments/1/firewall - rules - wan.jpg_thumb)

          1 Reply Last reply Reply Quote 0
          • marcellocM
            marcelloc
            last edited by

            Just like  fragged said.

            Pfblocker will create wan(inbound) rules only when there are allow rules on wan.
            You screenshot only shows default deny all inbound traffic.

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • S
              ShadowVirus
              last edited by

              So what do I need to do to get that working? I see there is the add new rule but what do I need to set up to get this working?

              ps I apologize for my ignorance but I'm learning for the first time. Also, thanks for the help!

              1 Reply Last reply Reply Quote 0
              • marcellocM
                marcelloc
                last edited by

                @ShadowVirus:

                So what do I need to do to get that working? I see there is the add new rule but what do I need to set up to get this working?

                It is working. You do not need a deny rule when you have a deny all rule.

                Treinamentos de Elite: http://sys-squad.com

                Help a community developer! ;D

                1 Reply Last reply Reply Quote 0
                • S
                  ShadowVirus
                  last edited by

                  Okay cool. So out of curiosity would that block incoming traffic such as remote connections and if I wanted to set something like that up would I create a pass rule in the WAN firewall?

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.