Wan firewall default settings

In a fresh install of pfsense using a static ip and the wizard I notice that by default no WAN firewall rules are set. Is this correct? I was under the impression that all traffic was blocked until permitted by the firewall. I am installing pfBlocker.

I do believe there is a default deny on all the interfaces, when there are no rules.

So in your case all traffic will leave and nothing can come in.

On my WAN I only have some rules that allow my openVPN traffic in and the last rule to block IPv4+6 traffic.

here is a better explanation


Yes, that is correct. The important thing to understand is that rules in pfSense are applied to incoming traffic. So with no rule on the WAN interface, the default, implicit deny rule is applied to all incoming traffic on that interface. Similarly, when setting up pfSense, an explicit allow all rule is created for the LAN interface, meaning that all traffic coming into pfSense’s LAN interface will be allowed.