pfSense WAN Rule Question

I am still pretty new to pfsense, definitely learning things as I go. I have had my pfsense box set up for almost a year now and started off in manual NAT to really try and learn things. I do not entirely remember everything I learned/why I made some choices, and in my firewall I have a WAN rule that is block from source any to this firewall. I am almost entirely sure this is superfluous as pfSense is default do not pass traffic if it can’t find a rule that says to allow it.

With that said, is there any reason or some type of WAN rule I should be using in place of this blanket block rule?


Adding a little more to this… I also just set up a pfsense router for a family member as they have an NVR which I absolutely do not trust. Similar question as above, is the bottom rule “needed”. The pass rule would allow the NVR to get its DHCP and NPT info from pfsense, do I need a block rule like this? Actually as I post this, I realized I need to add a block rule above the allow rule to not let it talk to the firewall webUI port… I will go edit that.

WAN blocks by default and to save me some typing here is the pfsense official documentation covering rules and their orders:
and my recent video on the topic

1 Like

yeah I just have a block IP4 and IP6 traffic rule and allow my OpenVPN connections on my WAN. Don’t think you need more than that in most scenarios.