Lockdown



  • I need to block ALL ports on my WAN connection except port 80 and 443. What NAT or rule would I need to do this?

    I was thinking of doing it this way?

    WAN TCP * * * 80 (HTTP) 10.0.0.81 80 (HTTP) HTTP-In
    WAN TCP * * * 443 (HTTPS) 10.0.0.81 443 (HTTPS) HTTPS-In
    ???? block???

    I keep having having people that are hiding behind proxies, port scanning me according to snort.


  • Rebel Alliance Global Moderator

    You do understand that all traffic unsolicited inbound to your wan is blocked by default.  There is no reason to create specific rules.

    why exactly do you think people behind proxies are scanning you?  Can you post some actual details of this..  And looks to me your wan IP is rfc1918 address - so your bind a double nat anyway.  Did you put pfsense wan (10.0.0.81) in the dmz of the nat device in front of pfsense?  By default all private addresses are on the wan as well, did you uncheck that?



  • I might think something was wrong if we weren't scanned many times per day from zombies and other ne'er-do-wells.


  • Rebel Alliance Global Moderator

    ^ exactly, there is lots of noise on the internet ;)