Floating Rule assistance (block specific traffic when VPN down)
-
I am trying to configure a floating rule to block traffic (WAN) from a specific IP/port (192.168.12.5:47864) when VPN (PIA) goes down, but still allow everything else via WAN on same IP (192.168.12.5).
Floating rule configuration:
Action: block
NOT A QUICK RULE
Interface: WAN
Direction: Any
TCP/IP Version: IPv4
Protocol: TCP/UDP
Source: 192.168.12.5
Source port range (to&from): 47864
Destination: any
Destination port range: any
log: checked
Description: Kill WAN if VPN DOWN
FAIL: tested by disabling OpenVPN, then watched as the traffic resumed on WAN.
Thanks for help all!
-
Floating rules on WAN out are post-NAT so you can't match on the source address. It's already been translated.
Mark the traffic on the rule that sends it to the VPN in the first place then block that mark on WAN out.
https://forum.pfsense.org/index.php?topic=76015.msg494089#msg494089
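The tag-then-block approach from the reply, written out in raw pf.conf syntax as an added example (not from the original post); in the pfSense GUI the same thing is done with the "Tag" advanced option on the rule that policy-routes the traffic into the VPN and the "Tagged" field on the floating WAN rule. Interface names, the tunnel gateway address and the tag name are assumptions.

```pf
# Constructed example: interface names, gateway address and tag are assumptions.
lan_if = "igb1"
wan_if = "igb0"
vpn_if = "ovpnc1"

# LAN rule: policy-route 192.168.12.5:47864 into the PIA tunnel and tag the
# state so the traffic stays recognisable after outbound NAT rewrites
# the source address.
pass in quick on $lan_if inet proto { tcp udp } \
    from 192.168.12.5 port 47864 to any \
    route-to ($vpn_if 10.0.0.1) \
    tag PIA_ONLY keep state

# Floating rule (WAN, direction out): WAN out is evaluated post-NAT, so
# matching on the original source is impossible; match the tag instead.
# If the tunnel is down and the flow falls back to WAN, it is dropped here.
block out log quick on $wan_if tagged PIA_ONLY

# Everything else from 192.168.12.5 is untagged and still leaves via WAN.
pass in quick on $lan_if inet from 192.168.12.5 to any keep state
```

Check the result from the shell with `pfctl -sr | grep PIA_ONLY` to confirm both the tagging rule and the tagged block are loaded, then watch the firewall log while the OpenVPN client is stopped.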