Firewall Blocking Question
-
I know i have a lot of questions. but it seems like every time i loot at my firewall log it looks like this blocking things but i dont know why? like thats night i noticed it was blocking a bunch of things from google.
-
Is that in the source your own IP?
Could be this:
http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F -
Is that in the source your own IP?
Could be this:
http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3Fno the destination is my ip. almost always is so its from wan to lan.
and i think you are correct. but is there any way that i can make then now show up. since they flood my log, or a way to make it so you show more then 50 logs in your dynamic view?
-
There is no way to filter out those log entries automatically, since they are identical to normal blocked packets. It's just that whatever server you are connecting to is either sending them back from a different IP, or after the state has been removed. It isn't normal to see a ton of these, but it has more to do with the server you are connecting to than anything else.
You can try to set the firewall optimization to "conservative" under the advanced options, but iirc that really only helps with UDP, not TCP states.
The dynamic view is locked to 50 entries because if you go much larger than that, the JavaScript involved gets really slow.
-
There is no way to filter out those log entries automatically, since they are identical to normal blocked packets. It's just that whatever server you are connecting to is either sending them back from a different IP, or after the state has been removed. It isn't normal to see a ton of these, but it has more to do with the server you are connecting to than anything else.
You can try to set the firewall optimization to "conservative" under the advanced options, but iirc that really only helps with UDP, not TCP states.
The dynamic view is locked to 50 entries because if you go much larger than that, the JavaScript involved gets really slow.
Thanks for the info. I really appreciate it.