cross-posted to: https://sh.itjust.works/post/14114626
If the rule is about forwarding traffic from the lan interface to the wan interface, then why is there also a forward rule? How would inputs and outputs make any sense if the rule is talking about forwarding? What does it mean for wan to forward to REJECT? I interpret that as saying that wan doesn’t go anywhere, but that wouldn’t make sense given that the router can send and receive over the internet.
For example, I would interpret the first rule as follows:
lan => wan: the conditions for which connections from the lan interface are forwarded to the wan interface.
- Input: accept: the lan interface accepts all connections originating from the network (I wouldn’t understand the point of setting this to be reject).
- Output: accept: all connections exiting the wan interface are accepted (again, I’m not sure what the point of this would be).
- Forward: accept: forwarding of packets from lan to wan is allowed.
- Masquerade: I honestly don’t know what the effect of enabling this would be. What would it mean to masquerade the lan interface?
I tried finding documentation, and I did come across this, and this, but, from what I could understand, they didn’t really answer any of my questions.

Isn’t the lan -> wan interface referring to your packets going outside your router and lan network to the outside world (internet?).
I vaguely remember the pfSense configuration I did a while ago, where the wan interface is actually the internet connection interface.
Maybe I’m wrong and misunderstood something; if so, please correct me!
Yes, lan is the Local Area Network, wan is the Wide Area Network. The zone lan refers to the devices on the local side, wan to the great internet.