Netgate Discussion Forum
    Firewall not dropping by default

    • Lawrence

      Hi all,

      I have the following firewall rules on the interface that corresponds to my 192.168.3.0/24 network:

      As expected I cannot reach 192.168.2.13 or 192.168.4.0/24 network from 192.168.3.2,
      but I can telnet to 192.168.3.2 from 192.168.2.13 and any host in .4.0/24.

      I do not understand how this is possible, as the second and third rules should stop 192.168.3.2 from responding to any requests from these IPs.
      Even if these rules were not valid, as I have not specified telnet open for 192.168.3.2, shouldn't the last rule drop the traffic anyway?
      Could anyone help me figure out what I am doing wrong?
      Thanks for the help.

      • cmb

        Traffic destined to hosts on that network isn't filtered by the same ruleset as traffic from those networks. Rules on another interface are passing that.
        https://doc.pfsense.org/index.php/Firewall_Rule_Basics

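The behaviour cmb describes, as an added example that is not part of either post and is not pfSense code: a small model of per-interface, first-match, stateful filtering. The interface names (LAN2, LAN3, LAN4), the rule lists and the port numbers are constructed assumptions, since the poster's rule screenshot is not on the page.

```python
from ipaddress import ip_address, ip_network

# Constructed topology and rules (assumptions, not the poster's actual ruleset).
IFACES = {"LAN2": ip_network("192.168.2.0/24"),
          "LAN3": ip_network("192.168.3.0/24"),
          "LAN4": ip_network("192.168.4.0/24")}
ANY = ip_network("0.0.0.0/0")
# Rules are per interface, first match wins, and are checked only against
# packets ARRIVING on that interface (action, source net, destination net).
RULES = {
    "LAN3": [("block", ANY, ip_network("192.168.2.13/32")),
             ("block", ANY, ip_network("192.168.4.0/24")),
             ("block", ANY, ANY)],
    "LAN2": [("pass", IFACES["LAN2"], ANY)],   # assumed permissive rule
    "LAN4": [("pass", IFACES["LAN4"], ANY)],   # assumed permissive rule
}
states = set()  # connections already passed: (src, sport, dst, dport)

def ingress_iface(src):
    """Interface the packet arrives on, chosen by its source network."""
    return next(name for name, net in IFACES.items() if src in net)

def filter_packet(src, sport, dst, dport):
    """Return (verdict, reason) for one TCP packet crossing the firewall."""
    src, dst = ip_address(src), ip_address(dst)
    # Packets belonging to a tracked connection skip rule evaluation entirely.
    if (src, sport, dst, dport) in states or (dst, dport, src, sport) in states:
        return "pass", "state"
    iface = ingress_iface(src)
    for n, (action, s_net, d_net) in enumerate(RULES[iface], 1):
        if src in s_net and dst in d_net:
            if action == "pass":
                states.add((src, sport, dst, dport))
            return action, f"{iface} rule {n}"
    return "block", f"{iface} default deny"
```

In this model the telnet connection is stopped only by a block rule on the interface where it arrives (LAN2 or LAN4 here), placed above that interface's pass rule.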