• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Help with blocking specific IP from WAN

Scheduled Pinned Locked Moved Firewalling
6 Posts 2 Posters 916 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • K
    kjemison1966
    last edited by Jun 3, 2015, 11:09 PM

    Hello,

    I am having an issue with a person attempting to connect into my systems from the IP address of 162.218.211.190

    I setup a rule in my Firewall to stop the attacks. However, I still show this IP as attempting to log into my server. I have rebooted the pfsense box just to see if the rule would kick in - no luck. My rule is setup as follows:

    ACTION = Block

    INTERFACE = WAN

    TCP/IP VERSION = IPv4

    SOURCE = Single host or Alias
                    Address = 162.218.211.190

    DESTINATION = Any

    All other options are left at default.

    A little help would be greatly appreciated.

    Thank you
    Kell

    1 Reply Last reply Reply Quote 0
    • D
      Derelict LAYER 8 Netgate
      last edited by Jun 3, 2015, 11:15 PM

      Did you put that rule at the top?

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      1 Reply Last reply Reply Quote 0
      • K
        kjemison1966
        last edited by Jun 3, 2015, 11:17 PM

        No, it is at the bottom…should I move it up?

        1 Reply Last reply Reply Quote 0
        • D
          Derelict LAYER 8 Netgate
          last edited by Jun 3, 2015, 11:21 PM

          Rules are matched top down, first one wins so yes.  He's probably hitting the rule that passes the port forward first. that has a source of any.

          In general, rules go from most-specific on the top to least-specific on the bottom.

          https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • K
            kjemison1966
            last edited by Jun 3, 2015, 11:22 PM

            Thank you very much for the help. I will make the change now and let you know what effect it has.

            Sincerely,
            Kell

            1 Reply Last reply Reply Quote 0
            • K
              kjemison1966
              last edited by Jun 4, 2015, 12:04 AM

              Update:

              That did the trick!

              Thank you very much for your help!

              Have a great weekend!

              Sincerely,
              Kell

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received