How to block an IP address from sending or receiving traffic?
Solution 1
I'm sure you've probably resolved this by now, but your screenshots show the rule being created for the WAN interface. You want to block on the LAN interface.
Solution 2
I have found that you have to kill the active states for that IP address as well before the block will take effect.
Related videos on Youtube
03 : 03
04 : 59
03 : 34
02 : 02
02 : 20
Ian Boyd
Updated on September 18, 2022Comments
-
Ian Boyd almost 2 years
We have a machine that we are trying to limit bandwidth to, using pfSense. This is because the machine is using 80% of our link:
Another brute-force method of limiting bandwidth to an IP address is simply to block it. So we updated a rule to indicate that it should be a Block rule:
We also created another rule, randomly picking other options to try to block
10.0.0.78from talking to the Internet:
Yet there it is, still consuming the majority of the bandwidth:
And when you log into the machine, uTorrent is still merrily downloading data.
How do you block a computer, by IP address, in pfSense?
-
Ian Boyd over 9 yearsI'd long since given up; but that might be a good note. We learned that there is no such thing as traffic going to a LAN address. At first it seemed natural:
google.com:80 --> 10.0.0.78:48231. Except because of an undocumented shortcoming, the firewall cannot understand traffic going to an internal address. Instead the traffic goes to the public WAN IP:google.com:80 --> 80.82.64.117:37228. And then sometime later, someplace else, traffic goes from pfSense:10.0.0.7:37228 --> 10.0.0.78:48231. That's why you can't apply firewall rules on the WAN: they don't work. -
fixer1234 over 7 yearsThis isn't really an answer since it isn't a solution to the question. With a little more rep, you'll be able to post comments to offer supplemental information.