pfSense blocking icmp from my gateway ip every 30 seconds.
-
Hi!
I am new to the forums and quite new to self hosting and managing my firewall etc.
I changed my public WAN yesterday and since then I have seen in the firewall logs that pfSense blocks ICMP (ping?) from my gateway IP every 30 seconds.
Is this normal?
-
@radiostyrd
Blocking anything on WAN interface, which is not allowed by a firewall rule, is normal. That your ISP is pinging you continuously is not normal, but this is on the respective ISP. Maybe he wants to get a better overview, who is online this way.
So it's on you to add a rule to allow that. Why not?
You can limit the rule to the specific source IP of the gateway, and of course to ICMP requests.
-
@viragomann
Hi and thank you for the answer!
-
@radiostyrd said in pfSense blocking icmp from my gateway ip every 30 seconds.:
Is this normal?
Depends on you.
It's like having your front door right in front of the play-ground of a school. Don't be surprised that your doorbell will 'ring' every minute or so.
Or, at home, you shut down the power to the doorbell push button, and problem solved. With pfSense, you tell the default, hidden final "block all" firewall rule to shut up :
Internet is full (loaded) with traffic trying out any kind of host, to 'see' if some 'port' is open .... and that's fine, that's how things are these days. Just let them hit the firewall. That's why you have the firewall in the first place.
@radiostyrd said in pfSense blocking icmp from my gateway ip every 30 seconds.:
the firewall logs that pfSense blocks ICMP (ping?) from my gateway ip every 30 seconds.
In this case, take some extra 2 minutes, and see who is sending the traffic.
Where it comes from.
Internet traffic is like a postal envelope used by you when you use the original snail mail services: on the outside, there is the destination address, and the sender address. (that is, it used to be like this in the past, these days that's less done for whatever reason)
If the sender is, for example, your ISP, there might be a reason that they are doing this.
Like : (just joking) : as your equipment doesn't reply to the ping, the ISP considers your equipment down and they stop your connection ^^
If the ping comes from your neighbor : go ask him ?!