Author Topic: Firewall Rules possible bug?  (Read 2173 times)

Offline galaxy60

Firewall Rules possible bug?
« on: November 05, 2008, 04:50:56 pm »
Hi, I have just set up my third pfSense box and I am trying 1.21 this time. My setup consists of the following:
WAN   192.168.1.100/24
LAN    160.220.200.254/24
OPT1  192.168.3.254/24
OPT2  192.168.4.254/24

My problem is that I have created firewall rules on OPT1 & OPT2 to stop anyone from accessing the LAN, using protocol any and block LAN address, which works great. However, I also need to block OPT2 from accessing OPT1. As soon as I add an identical rule with block OPT1 address and apply the settings, I am still able to access OPT1; this also cancels the first rule, allowing you to also gain access to the LAN.

I have rebooted the unit, reinstalled and started from scratch, to no effect. Is this a configuration issue / limitation or a possible bug?

Cheers  ???

Offline Perry

Re: Firewall Rules possible bug?
« Reply #1 on: November 05, 2008, 05:22:23 pm »
Try Diagnostics -> States -> Reset state
It's easier to help if you post your rules (Screengrab, a Firefox add-on).
 
/Perry
doc.pfsense.org

Offline galaxy60

Re: Firewall Rules possible bug?
« Reply #2 on: November 06, 2008, 04:13:58 am »
Hi, thanks for the reply. I have now reset the states and it has had no effect at all. I have also deleted the rules and recreated them, complete with a restart :-[

I will attach a screenshot later with the two firewall rules.

Cheers,

Offline galaxy60

Re: Firewall Rules possible bug?
« Reply #3 on: November 06, 2008, 03:21:51 pm »
Hi, I have attached a screenshot for the rule that is blocking access from OPT2 (Guests) onto my LAN. I also have an identical rule created that is blocking access to OPT1 (LAN2). Either rule created on its own works and blocks the defined network; when both are created and activated, you are then able to access both my LAN and LAN2.


cheers, ???

Offline Perry

Re: Firewall Rules possible bug?
« Reply #4 on: November 06, 2008, 03:32:38 pm »
You want to block the LAN subnet and not the LAN address.
http://doc.m0n0.ch/handbook-single/#id11642030
« Last Edit: November 06, 2008, 03:37:18 pm by Perry »
/Perry
doc.pfsense.org

Offline galaxy60

Re: Firewall Rules possible bug?
« Reply #5 on: November 09, 2008, 06:24:59 am »
Got it all working, cheers Perry. I have attached a screenshot of the rules.

 ;D

Online GruensFroeschli

Re: Firewall Rules possible bug?
« Reply #6 on: November 09, 2008, 07:38:14 am »
You could also create an alias which contains both your LAN1 and LAN2.
Then use this alias in your second rule (allow anything whose destination is NOT the alias).
We do what we must, because we can.
(Except when you PM me to help you directly - DON'T: keep your issues in the forum)
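
Added example, not part of the original thread and not pfSense code: a small first-match rule evaluator showing why blocking "LAN address" leaves LAN hosts reachable while blocking "LAN subnet" does not, plus the alias rule suggested in Reply #6. The sample host IPs, the alias name `INTERNAL` and the trailing "pass any" rule are assumptions, since the screenshots are not on the page.

```python
import ipaddress

net = ipaddress.ip_network
# Interface addressing as posted in the thread; host IPs below are constructed samples.
LAN_ADDRESS = net("160.220.200.254/32")  # "LAN address": the firewall's own LAN IP only
LAN_SUBNET = net("160.220.200.0/24")     # "LAN subnet": every host on the LAN
OPT1_SUBNET = net("192.168.3.0/24")      # OPT1 (LAN2)
ANY = net("0.0.0.0/0")
INTERNAL = [LAN_SUBNET, OPT1_SUBNET]     # hypothetical alias holding LAN1 and LAN2

# Rule = (action, destination networks, negate destination), all on the OPT2 tab.
# The trailing "pass any" rule is an assumption (screenshots are not on the page).
BLOCK_LAN_ADDRESS = [("block", [LAN_ADDRESS], False), ("pass", [ANY], False)]
BLOCK_SUBNETS = [("block", [LAN_SUBNET], False),
                 ("block", [OPT1_SUBNET], False),
                 ("pass", [ANY], False)]
PASS_NOT_ALIAS = [("pass", INTERNAL, True)]  # single rule from Reply #6


def evaluate(rules, dst):
    """Return the action of the first rule matching dst; no match is blocked."""
    addr = ipaddress.ip_address(dst)
    for action, nets, negate in rules:
        in_nets = any(addr in n for n in nets)
        if in_nets != negate:      # negate flips the destination match
            return action
    return "block"                 # implicit default deny


if __name__ == "__main__":
    samples = {"LAN host": "160.220.200.10",
               "firewall LAN IP": "160.220.200.254",
               "OPT1 host": "192.168.3.20",
               "Internet host": "203.0.113.5"}
    rule_sets = [("block LAN address", BLOCK_LAN_ADDRESS),
                 ("block subnets", BLOCK_SUBNETS),
                 ("pass NOT alias", PASS_NOT_ALIAS)]
    for name, rules in rule_sets:
        for label, ip in samples.items():
            print(f"{name:18} {label:16} {ip:16} {evaluate(rules, ip)}")
```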