Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Configuring the firewall

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gchinn
      last edited by

      I have just installed pfsense, however I am not able to connect to the internet when I disable the default rule on the lan side even though I have created the basic rules to allow dns, http, ssh and https traffic. Is there something else that I must do? Also, although I am new to pf, I understand the concept reasonably well.  I see no way to designate in or out using the web interface. Maybe I just don't understand the method of using the interface. Since, I receive my service from AT&T via dhcp, that would be considered pppoe or pptp. And that would make it "out" if switched the interface on the wan tab, right? I would like to be sure before continue. Or should I configure the firewall manually with my own pf.conf file or would cause any problems? I would appreciate any help to resolve these issues. Thank you!!

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        Rules are always appliad inbound per interface. So if you want to drop traffic from wan to lan the rules have to go to the wan tab. If you want to drop traffic from LAN to WAN rules go to the LAN tab. There are no "out" rules in pfSense, they are all "in" or in other words think of an "allow anything out rule" on every interface by default. Applying your own pf configuration is not supported as the webconfigurator will generate and overwrite everything on bootup or changes through thee webgui again.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.