pfsense: how to block internet for one client

Add a LAN Firewall rule to block the IP of the guy by going to Firewall -> Rules -> LAN:

alt text

NOTE: Original source of image

And be sure your rule is before the default "allow everyone" rule; since rules are processed top down, in order, until it finds one that matches.


I know this is an old question, but it still applies to pfSense 2.4

I recommend using aliases for applying rules to multiple hosts.

enter image description here

enter image description here


Not a pfsense person, but the actual PF rules you need are as follows.

block in on <internal interface> from <static ip> to any
pass in on <internal interface> from <static ip> to <internal network>
pass out on <internal interface> from <static ip> to <internal network>