Configuring the firewall

  • I have just installed pfSense, however I am not able to connect to the internet when I disable the default rule on the lan side, even though I have created the basic rules to allow dns, http, ssh and https traffic. Is there something else that I must do? Also, although I am new to pf, I understand the concept reasonably well. I see no way to designate in or out using the web interface. Maybe I just don't understand the method of using the interface. Since I receive my service from AT&T via dhcp, that would be considered pppoe or pptp. And that would make it "out" if I switched the interface on the wan tab, right? I would like to be sure before I continue. Or should I configure the firewall manually with my own pf.conf file, or would that cause any problems? I would appreciate any help to resolve these issues. Thank you!!

  • Rules are always applied inbound per interface. So if you want to drop traffic from wan to lan, the rules have to go to the wan tab. If you want to drop traffic from LAN to WAN, rules go to the LAN tab. There are no "out" rules in pfSense, they are all "in", or in other words, think of an "allow anything out rule" on every interface by default. Applying your own pf configuration is not supported, as the webconfigurator will generate and overwrite everything on bootup or on changes through the webgui again.
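
The rule placement described in the reply above, as an added example that is not part of the original thread and not pfSense code: a simplified Python model in which only the tab of the interface a packet arrives on is consulted. The names, addresses and rule set are constructed, and the first-match, default-deny and state-table behaviour is the model's assumption.

```python
# Simplified model (assumption, not pfSense code): rules live on the tab of
# the interface where a packet ENTERS the firewall. All data is constructed.
from collections import namedtuple

Packet = namedtuple("Packet", "ingress proto src sport dst dport")
Rule = namedtuple("Rule", "action proto dport")

class Firewall:
    def __init__(self, tabs):
        self.tabs = tabs      # interface name -> ordered list of rules
        self.states = set()   # flows already passed (stateful filtering)

    def evaluate(self, p):
        # A reply to a flow that was passed earlier matches the state
        # table and never reaches the rule tabs.
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.states:
            return "pass (state)"
        # Only the ingress interface's tab is consulted; first match wins.
        for r in self.tabs.get(p.ingress, []):
            if r.proto == p.proto and r.dport == p.dport:
                if r.action == "pass":
                    self.states.add((p.proto, p.src, p.sport, p.dst, p.dport))
                return r.action
        return "block (default deny)"

def demo_firewall():
    # LAN tab: the services named in the question. WAN tab: no rules.
    lan_tab = [Rule("pass", "udp", 53), Rule("pass", "tcp", 53),
               Rule("pass", "tcp", 80), Rule("pass", "tcp", 22),
               Rule("pass", "tcp", 443)]
    return Firewall({"lan": lan_tab, "wan": []})

def run_demo():
    fw = demo_firewall()
    client, server = "192.168.1.10", "203.0.113.5"   # constructed addresses
    packets = [
        Packet("lan", "tcp", client, 50000, server, 443),        # LAN -> WAN https
        Packet("wan", "tcp", server, 443, client, 50000),        # reply to that flow
        Packet("wan", "tcp", "198.51.100.7", 40000, client, 22), # unsolicited WAN -> LAN
        Packet("lan", "tcp", client, 50001, server, 25),         # no LAN rule for smtp
    ]
    return [fw.evaluate(p) for p in packets]

if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```

The SSH pass rule on the LAN tab has no effect on the third packet, because that packet enters on WAN and only the WAN tab is checked.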

