Blocking some FTP sites



  • Hello!

    I'm new to pfSense (although not quite new to pf). I apologize for such a basic question, but how can I block access to some specific FTP sites from my LAN? I have the ftp helper enabled and this rdr's all ftp traffic to the ftp proxy, so any 'block' firewall rules that I create for e.g. destination host 12.34.56.78 port 21 have no effect. I see no way in the web GUI to specify that traffic to some specific ftp host not be rdr'd to the ftp proxy. I'm probably overlooking something obvious, but what?



  • For now I just entered fake IP addresses for these addresses in the DNS forwarder configuration, but this of course means that clients can still connect using IP address.


Log in to reply