Problem blocking ip and with outgoing ftp connections
-
Hello to the list,
first of all sorry for my bad english.I have installed a pfsense with 2 wan interfaces, the first to nat client ( xxx.xxx.xxx.xxx gw nothing ) ,
the second for ftp and web services (yyy.yyy.yyy.yyy with default gw yyy.yyy.yyy.x) and a lan interface.
All seems to work fine but i have 2 little problems:- I must block 2 site from lan to internet so i insert a rule like this on the lan interface
Source: any
Destination: <blocked ip="">D_port:any
DROP
But the <blocked ip="">results Reachable from the lan net.- I enable FTP Helper on wan interface (yyy.yyy.yyy.yyy) and lan interface but clients on lan can't connects to external FTP.The default policy from lan to outside is any destination and any protocoll.
ps I'm using pfsense 1.2 rc2
Can anyone help me?
tnx in advance
AC</blocked></blocked>
-
The site you try to block could be using Round robin dns http://en.wikipedia.org/wiki/Round_robin_DNS
So to block a range of ip your could do something like this.- LAN net * 88.221.26.1/24 * * block www.chelseafc.com
(FTP Helper) Disable on wan and enable on lan.
Your can test with ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.2-release/All
-
FTP only will work on the primary WAN.
-
I've tried to verify rule also making a connection to the ip and I 've the same result.
Any suggestion ?
Regards