Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem blocking ip and with outgoing ftp connections

    Scheduled Pinned Locked Moved Firewalling
    4 Posts 3 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cerez23
      last edited by

      Hello to the list,
      first of all sorry for my bad english.

      I have installed a pfsense with 2 wan interfaces, the first to nat client ( xxx.xxx.xxx.xxx gw nothing  ) ,
      the second for ftp and web services (yyy.yyy.yyy.yyy with default gw yyy.yyy.yyy.x)  and a  lan interface.
      All seems to work fine but i have 2 little problems:

      1. I must block 2 site  from lan to internet so i insert a rule like this on the lan interface

      Source: any
      Destination: <blocked ip="">D_port:any
      DROP
      But the  <blocked ip="">results Reachable from the lan net.

      1. I enable FTP Helper on wan interface (yyy.yyy.yyy.yyy) and lan interface but clients on lan can't connects to external FTP.The default policy from lan to outside is any destination and any protocoll.

      ps I'm using pfsense 1.2 rc2

      Can anyone help me?

      tnx in advance

      AC</blocked></blocked>

      1 Reply Last reply Reply Quote 0
      • P
        Perry
        last edited by

        The site you try to block could be using Round robin dns http://en.wikipedia.org/wiki/Round_robin_DNS
        So to block a range of ip your could do something like this.

        • LAN net * 88.221.26.1/24 * *   block www.chelseafc.com

        (FTP Helper) Disable on wan and enable on lan.
        Your can test with ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.2-release/All

        /Perry
        doc.pfsense.org

        1 Reply Last reply Reply Quote 0
        • S
          sullrich
          last edited by

          FTP only will work on the primary WAN.

          http://devwiki.pfsense.org/FTPTroubleShooting

          1 Reply Last reply Reply Quote 0
          • C
            cerez23
            last edited by

            I've tried to verify rule also making a connection to the ip and I 've the same result.

            Any suggestion ?

            Regards

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.