On 12/11/2013 02:38 PM, Justin Edmands wrote:


Monitor blocked attempts under Status --> System Logs --> Firewall ... filter for the IP you want. If you see the block, click the small grey arrow with a plus sign next to the destination IP. This will create a rule and allow you to go to Firewall --> Rules to identify the proper rule setup to pass these SSH attempts.

Next, notice that these rules are in order...top to bottom. Here is the sentence at the bottom of all firewall rule pages:

*Hint:*

  * Rules are evaluated on a first-match basis (i.e. the action of the
    first rule to match a packet will be executed). This means that if
    you use block rules, you'll have to pay attention to the rule
    order. Everything that isn't explicitly passed is blocked by default.


PS: By default, all blocked attempts are logged. After creating a rule, you can also turn on logging for the rules that pass. This will allow you to see the source/destination that is using the rule.



Thanks!


--
Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics, Inc.
email: [email protected]
web  : http://scalableinformatics.com
twtr : @scalableinfo
phone: +1 734 786 8423 x121
cell : +1 734 612 4615
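
The first-match, default-block behaviour quoted above, as an added example that is not part of the original message: a simplified model (not pfSense code) showing how a pass rule placed after a broader block rule never fires. `Rule`, `evaluate` and `shadowed` are hypothetical names, and the addresses are constructed from documentation ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str               # "pass" or "block"
    src: str                  # source network in CIDR form (IPv4 in this model)
    dst_port: Optional[int]   # None matches any destination port
    log: bool = False         # per-rule logging, off unless enabled

def evaluate(rules, src_ip, dst_port, log_sink):
    """Return the action of the first matching rule; no match means block."""
    addr = ipaddress.ip_address(src_ip)
    for idx, r in enumerate(rules):
        if addr in ipaddress.ip_network(r.src) and r.dst_port in (None, dst_port):
            if r.log:
                log_sink.append((idx, r.action, src_ip, dst_port))
            return r.action
    # Nothing explicitly passed it: blocked by default, and that block is logged.
    log_sink.append((None, "block", src_ip, dst_port))
    return "block"

def shadowed(rules):
    """Indexes of rules that can never match because an earlier rule covers them."""
    out = []
    for i, r in enumerate(rules):
        net = ipaddress.ip_network(r.src)
        for earlier in rules[:i]:
            covers_src = net.subnet_of(ipaddress.ip_network(earlier.src))
            covers_port = earlier.dst_port in (None, r.dst_port)
            if covers_src and covers_port:
                out.append(i)
                break
    return out

# Constructed rule sets: the same two rules in the wrong and the right order.
BLOCK_NET = Rule("block", "203.0.113.0/24", 22)
PASS_HOST = Rule("pass", "203.0.113.10/32", 22, log=True)
RULES_BAD = [BLOCK_NET, PASS_HOST]    # pass rule sits below the block rule
RULES_GOOD = [PASS_HOST, BLOCK_NET]   # pass rule is evaluated first

if __name__ == "__main__":
    log = []
    print(evaluate(RULES_BAD, "203.0.113.10", 22, log), shadowed(RULES_BAD))
    print(evaluate(RULES_GOOD, "203.0.113.10", 22, log), shadowed(RULES_GOOD))
    print(evaluate(RULES_GOOD, "198.51.100.7", 22, log), log)
```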
