<div>
<div class="content wysiwyg-content">
hello,<br />
I am using pfsense as my firewall. I set it up on an old computer, and it has two NIC's - one for lan and one for wan traffic. It is working fine, and I am using the &quot;block all traffic&quot; method of firewalls, then just poking holes in the firewall as needed. <br />
That is also working fine, so my rules look like this<br />
<br />
<a href="https://filedb.experts-exchange.com/incoming/2015/10_w44/976021/firewall.jpg" target="_blank" title="firewall (247 KB)"><img alt="firewall" class="file-block lazyload" style="max-width: 766px;" data-src="https://filedb.experts-exchange.com/incoming/2015/10_w44/976021/firewall.jpg" /></a><br />
I was reading about the ideal firewall setup, and saw something that said a firewall should block any local traffic that doesn't originate from the lan. I take that to mean if a malicious computer tries spoofing you IP address or MAC address and tries to send traffic on your network, but even though the malicious computer has a valid MAC address, the traffic would still be coming from the wan, or outside of the lan.<br />
So my question is, is there a way to test and confirm that your firewall will block this type of traffic. If there isn't a good way to test it, how about just confirming that the firewall would block this type of traffic?
</div>
</div>


firewall.jpg

hello,
I am using pfsense as my firewall. I set it up on an old computer, and it has two NIC's - one for lan and one for wan traffic. It is working fine, and I am using the "block all traffic" method of firewalls, then just poking holes in the firewall as needed. 
That is also working fine, so my rules look like this



I was reading about the ideal firewall setup, and saw something that said a firewall should block any local traffic that doesn't originate from the lan. I take that to mean if a malicious computer tries spoofing you IP address or MAC address and tries to send traffic on your network, but even though the malicious computer has a valid MAC address, the traffic would still be coming from the wan, or outside of the lan.
So my question is, is there a way to test and confirm that your firewall will block this type of traffic. If there isn't a good way to test it, how about just confirming that the firewall would block this type of traffic?

firewall rules

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.