Rule @4294967295.
-
Hi,
Could anyone explain this rule @4294967295?
I haven't set up any accept rules on WAN. Private networks, loopback addresses and bogons are blocked on WAN.
It looks like there were incoming multicast requests to WAN and they were accepted.
Logs:
I tried to grep for this rule with pfctl -vvsr | grep 4294967295 but found nothing.
Thanks for your assistance.
-
@Danil-0 did you enable the igmp proxy?
-
@johnpoz No, it is disabled.
-
@Danil-0 did you recently upgrade?
I see this old redmine
https://redmine.pfsense.org/issues/12872
Do you have something like UPnP running?
edit:
I recall a really old thread.. Let me see if I can dig it up..
https://forum.netgate.com/topic/147248/had-my-pfsense-been-compromised
-
@johnpoz said in Rule @4294967295.:
I recall a really old thread.. Let me see if I can dig it up..
Yes, the pfSense version is 23.09.1, but I had this issue before on version 23.09. Maybe on 23.05.1.
Filter log:
Dec 14 06:10:06 host filterlog[30289]: 4294967295,,,0,mvneta0,ip-option,pass,in,4,0xc0,,1,0,0,DF,2,igmp,32,0.0.0.0,224.0.0.1,datalength=8
Dec 14 06:10:06 host filterlog[30289]: 4294967295,,,0,mvneta0,ip-option,pass,in,4,0x0,,1,32089,0,none,2,igmp,32,10.50.xxx.xxx,224.0.0.251,datalength=8
I will check this thread, thanks.
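
Added example, not part of the original posts and not pfSense code: a small parser for the filterlog lines quoted above that groups entries logged under rule number 4294967295 by interface, reason, action, protocol and destination, so it is clear what traffic is being recorded under that number. The field order is assumed from pfSense's raw filter log format for IPv4 entries; the third sample line is constructed for contrast.

```python
import csv
import re
from collections import Counter

SENTINEL_RULE = 4294967295  # 0xFFFFFFFF, the rule number shown in the thread's logs

# Field order assumed from pfSense's raw filter log format (IPv4 entries).
COMMON = ["rule", "subrule", "anchor", "tracker", "iface",
          "reason", "action", "direction", "ipver"]
IPV4 = ["tos", "ecn", "ttl", "id", "offset", "flags",
        "proto_id", "proto", "length", "src", "dst"]

LINE_RE = re.compile(r"filterlog\[\d+\]:\s*(?P<csv>.+)$")

def parse_filterlog(line):
    """Return a dict for one syslog filterlog line, or None if it is not one."""
    m = LINE_RE.search(line)
    if not m:
        return None
    fields = next(csv.reader([m.group("csv")]))
    if len(fields) < len(COMMON):
        return None
    entry = dict(zip(COMMON, fields))
    if entry["ipver"] == "4" and len(fields) >= len(COMMON) + len(IPV4):
        entry.update(zip(IPV4, fields[len(COMMON):]))
    return entry

def summarize_sentinel(lines, rule=SENTINEL_RULE):
    """Count entries logged under `rule`, grouped by what triggered them."""
    counts = Counter()
    for line in lines:
        e = parse_filterlog(line)
        if e and e["rule"].isdigit() and int(e["rule"]) == rule:
            counts[(e["iface"], e["reason"], e["action"], e["direction"],
                    e.get("proto", "?"), e.get("dst", "?"))] += 1
    return counts

SAMPLE = [
    # The two entries posted in the thread:
    "Dec 14 06:10:06 host filterlog[30289]: 4294967295,,,0,mvneta0,ip-option,pass,in,4,0xc0,,1,0,0,DF,2,igmp,32,0.0.0.0,224.0.0.1,datalength=8",
    "Dec 14 06:10:06 host filterlog[30289]: 4294967295,,,0,mvneta0,ip-option,pass,in,4,0x0,,1,32089,0,none,2,igmp,32,10.50.xxx.xxx,224.0.0.251,datalength=8",
    # Constructed entry for an ordinary numbered rule, for contrast:
    "Dec 14 06:10:07 host filterlog[30289]: 4,,,1000000103,mvneta0,match,block,in,4,0x0,,64,1,0,none,17,udp,60,192.0.2.10,192.0.2.1,5353,5353,40",
]

if __name__ == "__main__":
    for key, n in summarize_sentinel(SAMPLE).items():
        print(n, *key)
```

On the thread's two entries, every hit has reason ip-option, action pass and protocol igmp on mvneta0, which is the pattern to compare against the "short" packet discussion in the linked thread.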
-
@johnpoz UPnP isn't running.
-
@johnpoz Problem solved by internet provider. Thanks for your help.
-
@Danil-0 said in Rule @4294967295.:
Problem solved by internet provider.
They could stop the traffic from getting to you - but that is not an answer to why firewall says the traffic was allowed by a rule number that doesn't exist. Points to that issue discussed in the thread about "short" packets maybe..
-
@johnpoz You're right, it didn't help. I'm trying to figure it out again.