PFblocker Issues
-
Hi guys,
My install of pfblocker and addition of lists seems to have worked. However, I don't think my lists were added to the rules correctly (or not at all, see attachments). Must I add the rules manually? If so, are there any sample rules for pfblocker specifically that someone can post or direct me to? Thank you.
-
You probably have the action for each list (in pfBlocker's Lists tab) set to "alias only". You could use the aliases to create your own rules or you can specify another action (block, reject) for each list in pfBlocker.
-
And if WAN has no pass rules, then it is blocking all incoming connects anyway. pfBlocker recognizes that and does not then bother to add its own block rules on WAN. So if all your rules are for incoming on WAN, then you will not see them.
I guess if you add 1 pass rule on WAN to pass some combination that traffic will never match, that will "trick" pfBlocker into putting all its rules there on WAN.
-
Thank you for your responses. I don't have alias only, I have it set to block inbound. Maybe that is why there are no new rules, as the WAN has no allow rules and defaults to block. Does this sound right?
-
Yes, correct.
You can test by putting a silly pass rule on WAN - pass source WANaddress, destination WANaddress - that will never match any real harmful traffic. Then the pfBlocker rules should appear - you probably have to "save" in pfBlocker to kick it into action to rerun its code to generate the rules.
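
The condition discussed in this thread (an interface with no pass rules gets no pfBlocker block rules) can be checked from a configuration backup. The following is an added example, not code from the thread or from pfBlocker; it assumes the pfSense `config.xml` layout of `<filter><rule>` entries with `<type>`, `<interface>`, `<disabled>` and `<descr>` children, and the function names and sample config are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample config (assumed pfSense config.xml layout, not from the thread).
SAMPLE_CONFIG = """<pfsense>
  <filter>
    <rule><type>block</type><interface>wan</interface><descr>block test net</descr></rule>
    <rule><type>pass</type><interface>wan</interface><disabled></disabled><descr>old port forward</descr></rule>
    <rule><type>pass</type><interface>lan</interface><descr>Default allow LAN to any rule</descr></rule>
  </filter>
</pfsense>"""


def enabled_pass_rules(config_xml, interface):
    """Return the descriptions of enabled pass rules bound to `interface`."""
    root = ET.fromstring(config_xml)
    found = []
    for rule in root.findall("./filter/rule"):
        if rule.findtext("type", "").strip() != "pass":
            continue  # block/reject rules do not count
        if rule.find("disabled") is not None:
            continue  # a disabled pass rule passes nothing
        if rule.findtext("interface", "").strip() == interface:
            found.append(rule.findtext("descr", "").strip() or "(no description)")
    return found


def explain(config_xml, interface="wan"):
    """Summarise whether block-inbound rules should be expected on `interface`."""
    rules = enabled_pass_rules(config_xml, interface)
    if rules:
        return f"{interface}: {len(rules)} enabled pass rule(s), block rules are expected"
    return f"{interface}: no enabled pass rules, default deny already blocks inbound"


if __name__ == "__main__":
    print(explain(SAMPLE_CONFIG, "wan"))
    print(explain(SAMPLE_CONFIG, "lan"))
```
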