<![CDATA[Problem blocking ip and with outgoing ftp connections]]>Hello to the list,
first of all sorry for my bad english.

I have installed a pfsense with 2 wan interfaces, the first to nat client ( xxx.xxx.xxx.xxx gw nothing  ) ,
the second for ftp and web services (yyy.yyy.yyy.yyy with default gw yyy.yyy.yyy.x)  and a  lan interface.
All seems to work fine but i have 2 little problems:

  1. I must block 2 site  from lan to internet so i insert a rule like this on the lan interface

Source: any
Destination: <blocked ip="">D_port:any
DROP
But the  <blocked ip="">results Reachable from the lan net.

  1. I enable FTP Helper on wan interface (yyy.yyy.yyy.yyy) and lan interface but clients on lan can't connects to external FTP.The default policy from lan to outside is any destination and any protocoll.

ps I'm using pfsense 1.2 rc2

Can anyone help me?

tnx in advance

AC</blocked></blocked>

]]>https://forum.netgate.com/topic/7002/problem-blocking-ip-and-with-outgoing-ftp-connectionsRSS for NodeTue, 09 Jun 2026 12:25:34 GMTSun, 13 Jan 2008 21:37:39 GMT60<![CDATA[Reply to Problem blocking ip and with outgoing ftp connections on Mon, 14 Jan 2008 15:23:04 GMT]]>I've tried to verify rule also making a connection to the ip and I 've the same result.

Any suggestion ?

Regards

]]>https://forum.netgate.com/post/164558https://forum.netgate.com/post/164558Mon, 14 Jan 2008 15:23:04 GMT<![CDATA[Reply to Problem blocking ip and with outgoing ftp connections on Mon, 14 Jan 2008 03:57:49 GMT]]>FTP only will work on the primary WAN.

http://devwiki.pfsense.org/FTPTroubleShooting

]]>https://forum.netgate.com/post/164545https://forum.netgate.com/post/164545Mon, 14 Jan 2008 03:57:49 GMT<![CDATA[Reply to Problem blocking ip and with outgoing ftp connections on Mon, 14 Jan 2008 02:05:05 GMT]]>

  • The site you try to block could be using Round robin dns http://en.wikipedia.org/wiki/Round_robin_DNS
    So to block a range of ip your could do something like this.

    • LAN net * 88.221.26.1/24 * *   block www.chelseafc.com

    (FTP Helper) Disable on wan and enable on lan.
    Your can test with ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.2-release/All

    ]]>    https://forum.netgate.com/post/164542https://forum.netgate.com/post/164542Mon, 14 Jan 2008 02:05:05 GMT