LAN rules not obeyed
-
Are you sure this machine is connecting to the worls through the pfSense?
Sorry, worls? World, perhaps? I don't see how it couldn't otherwise as the LAN structure is simple. Belkin WAP connecting 2 clients which is in turn hard-wired to the LAN interface of the pfsense box (for clarification). The WAP I gave an address way outside the DHCP pool (pool from 192.168.2.2/24-192.168.2.3/24). I don't see how I could have screwed this up, but it's very possible.
Any case it's strange that after a trace route I only get the following for the first 5 entries. And at no point do I see the pfsense box.
1 10.131.0.1 (10.131.0.1) 7.685 ms 5.091 ms 6.008 ms
2 172.26.96.245 (172.26.96.245) 6.856 ms 6.462 ms 5.750 ms
3 71-14-0-33.static.gwnt.ga.charter.com (71.14.0.33) 6.010 ms 6.489 ms 8.697 ms
4 172.26.96.249 (172.26.96.249) 7.895 ms 6.570 ms 8.745 ms
5 atlnga1wcx1-pos4-0.wcg.net (64.200.231.245) 7.917 ms 8.297 ms 7.942 ms -
Any chance you are connected to a neighbors network? ;)
-
Damn myself….apologies. I stupidly did a traceroute without thinking from the pfsense box and not the LAN client. Yes, a trace route from the LAN client shows the first hop to be the pfsense box followed by entries 1-5 in my previous post. :-[
-
Did you try to reboot the pfSense?
-
I actually did a complete restore to defaults just yesterday with no change, however I'll try another reboot of pfsense and see if it changes anything.
[EDIT] Ok it looked like after that last reboot the rules started being obeyed. Not only that, but after the reboot I could then change the rule from block to pass, apply the rule, refresh the states and the newly edited rule was being obeyed. I don't know why I had to do all that to get firewall rules to be active, but it works now. I hope this hasn't been a waste of your time, hoba.
Thanks for the help here.
-
This is a known bug and has been fixed. Search the forum for check_reload_status.
-
Ah, ok I thought it might be. How do I go about applying the fix for this? I'm not familiar with the inner workings and files associated with pfsense as of yet. Any newbie explanation would be most appreciated.
thanks
-
It will be included in the upcoming 1.0.1 release. If all goes well it will be released around this weekend.
-
I'm not sure if this is related at all, but I thought I might mention it here before starting a new thread.
Apparently, when changing the webGUI port from default to custom, it is also necessary to reboot the system before the changes actually take effect. But according to the description below the webGUI port field, "Changes will take effect immediately after save." I found this not to be the case. Only when I rebooted the system did the firewall listen on the new port.
-
Should be related.