Blocked by default
-
I have a wide open rule on my wan:
Proto Source Port Destination Port Gateway Schedule Description
- 172.25.1.0/24 * * * * test
but in the firewall log I am receiving quite a few dropped packets being dropped by the default rule:
Dec 10 10:39:03 WAN 172.25.1.10:5972 66.114.50.57:80 TCP
Dec 10 10:39:31 WAN 172.25.1.10:5972 66.114.50.57:80 TCP
Dec 10 10:39:32 WAN 172.25.1.10:5970 64.233.181.157:80 TCP
Dec 10 10:40:36 WAN 172.25.1.10:5970 64.233.181.157:80 TCP
Dec 10 10:41:40 WAN 172.25.1.10:5970 64.233.181.157:80 TCP
Dec 10 10:42:44 WAN 172.25.1.10:5970 64.233.181.157:80 TCP
Dec 10 10:43:48 WAN 172.25.1.10:5970 64.233.181.157:80 TCP
Dec 10 10:44:53 WAN 172.25.1.10:5970 64.233.181.157:80 TCP
Is this because the state is being sent or received incorrectly?
Some basic info:
LAN is bridged with WAN.
I have an optional 1 which is load balanced with the WAN.
On the LAN side I also have a wide open approve all for my private side.
-
I found the answer
http://doc.m0n0.ch/handbook/faq-legit-traffic-dropped.html
Search is a good thing.
-
Santron, you're right.
But on pfSense, to fix this problem, check the checkbox "Bypass firewall rules for traffic on the same interface" on Advanced in the System tab.
See if it fixes your problem.
Anyway post your results.
Tks
Heitor Lessa
-
Heitor,
Thank you for your answer. It has solved some of the blocks but I am still getting dropped packets:
Act Time If Source Destination Proto
Dec 11 10:17:34 WAN 172.25.xxx.xxx:14084 208.71.xxx.xxx:80 TCP
Dec 11 10:16:30 WAN 172.25.xxx.xxx:14084 208.71.xxx.xxx:80 TCP
Dec 11 10:15:25 WAN 172.25.xxx.xxx:14084 208.71.xxx.xxx:80 TCP
-
Try to create rules for this destination just for test.
For example.
Action - Pass
Source - *
Protocol - TCP
Destination - 208.71.x.x
Cause this previous option fixes this problem, but there are cases when you need to create specific rules.
Anyway, you can contact me on Skype. -> heitor.flessa
Lucky
-
Some of these are normal, as the m0n0wall doc explains. Why do you think you have a problem?