How to block an IP address from sending or receiving traffic?
Solution 1
I'm sure you've probably resolved this by now, but your screenshots show the rule being created for the WAN interface. You want to block on the LAN interface.
Solution 2
I have found that you have to kill the active states for that IP address as well before the block will take effect.
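pf passes packets that match an existing state without evaluating the ruleset, which is why a newly added block rule does not cut connections that are already open. The script below is an added example, not part of the original answers: it counts the states that involve one exact host and prints the `pfctl -k` calls that clear them. The state lines are constructed, their layout is only modelled on `pfctl -ss` output, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original thread). The state lines below are
# constructed and only modelled on `pfctl -ss` output; 203.0.113.10 and
# 198.51.100.7 are documentation placeholders for remote peers.
sample_states() {
cat <<'EOF'
all tcp 80.82.64.117:37228 (10.0.0.78:48231) -> 203.0.113.10:80       ESTABLISHED:ESTABLISHED
all tcp 10.0.0.78:48231 -> 203.0.113.10:80       ESTABLISHED:ESTABLISHED
all udp 10.0.0.78:6881 -> 198.51.100.7:6881       MULTIPLE:MULTIPLE
all tcp 10.0.0.7:443 <- 10.0.0.50:51000       ESTABLISHED:ESTABLISHED
EOF
}

# Print state lines in which some endpoint is exactly host $1 (IPv4 only).
# Comparing whole addresses keeps 10.0.0.7 from also matching 10.0.0.78,
# which a plain substring grep would do.
states_for_host() {
    awk -v host="$1" '{
        for (i = 1; i <= NF; i++) {
            addr = $i
            gsub(/[()]/, "", addr)      # one endpoint of a NAT state is parenthesised
            sub(/:[0-9]+$/, "", addr)   # drop the :port suffix
            if (addr == host) { print; next }
        }
    }'
}

# Number of states that would keep passing traffic after a block rule is added.
count_states() {
    states_for_host "$1" | wc -l | tr -d ' '
}

# Dry run: print (do not execute) the pfctl calls that flush those states.
kill_commands() {
    echo "pfctl -k $1"               # states originating from the host
    echo "pfctl -k 0.0.0.0/0 -k $1"  # states from anywhere to the host
}

# Demo on the constructed table.
echo "states still open for 10.0.0.78: $(sample_states | count_states 10.0.0.78)"
kill_commands 10.0.0.78
```

On the firewall itself, feed the live table in with `pfctl -ss | count_states 10.0.0.78` before and after running the printed commands to confirm the count drops to zero.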
Ian Boyd
Updated on September 18, 2022
Comments
-
Ian Boyd almost 2 years
We have a machine that we are trying to limit bandwidth to, using pfSense. This is because the machine is using 80% of our link:
Another brute-force method of limiting bandwidth to an IP address is simply to block it. So we updated a rule to indicate that it should be a Block rule:
We also created another rule, randomly picking other options to try to block 10.0.0.78 from talking to the Internet:
Yet there it is, still consuming the majority of the bandwidth:
And when you log into the machine, uTorrent is still merrily downloading data.
How do you block a computer, by IP address, in pfSense?
-
Ian Boyd over 9 years
I'd long since given up; but that might be a good note. We learned that there is no such thing as traffic going to a LAN address. At first it seemed natural: google.com:80 --> 10.0.0.78:48231. Except because of an undocumented shortcoming, the firewall cannot understand traffic going to an internal address. Instead the traffic goes to the public WAN IP: google.com:80 --> 80.82.64.117:37228. And then sometime later, someplace else, traffic goes from pfSense: 10.0.0.7:37228 --> 10.0.0.78:48231. That's why you can't apply firewall rules on the WAN: they don't work.
-
fixer1234 over 7 years
This isn't really an answer since it isn't a solution to the question. With a little more rep, you'll be able to post comments to offer supplemental information.