Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense open ports [SOLVED]

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    47 Posts 4 Posters 64.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vorgusa
      last edited by

      the screenshot I put of my rules page clearly has port 443 on it before hand. That would be the port you were talking about in the previous line?  why would the port be listed there but not in the rules.debug?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        ok, edit and save your OpenVPN rule, see if that fixes it. Make sure to re-select UDP as the protocol if it's supposed to be UDP and not TCP.

        I fixed a bug with the wizard earlier today that was apparently causing this to happen, too.

        The protocol (TCP or UDP) was getting into the rule as upper case, not lower case, and the port was being left off because it didn't match "tcp" or "udp".

        Anyone on a new snap should be OK though. At least the next new one.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • V
          vorgusa
          last edited by

          Just attached part of the config.xml  If I change the 3rd one to match the other two and then restart my box, would that fix the problem? /cf/conf/config.xml

          rules.txt

          1 Reply Last reply Reply Quote 0
          • V
            vorgusa
            last edited by

            I am using TCP and I just upgraded to the newer snapshot a little while ago hoping it would fix the problem, but guess we nailed it down to that rule.

            1 Reply Last reply Reply Quote 0
            • jimpJ
              jimp Rebel Alliance Developer Netgate
              last edited by

              Just edit and save the rule - no need to alter config.xml

              The problem is this:

              <protocol>TCP</protocol>
              

              Needs to be:

              <protocol>tcp</protocol>
              

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • V
                vorgusa
                last edited by

                :( cant get into the web interface now.  Guessing thats a good thing since its open to the world, lol

                1 Reply Last reply Reply Quote 0
                • V
                  vorgusa
                  last edited by

                  hmmm ok, so where can I edit and save the rule.. is the rule.debug file going to be persistent?

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    Edit the OpenVPN rule on Firewall > Rules on the WAN tab - edit that, save, and it should fix itself.

                    Or update once the next snapshot uploads, I committed a couple different protections against this.

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • V
                      vorgusa
                      last edited by

                      Worked like a charm.. I got someone to run nmap on the IP and the firewall is back up.  Thanks for your help!  Did you guys find a bug in the Wizard?

                      1 Reply Last reply Reply Quote 0
                      • jimpJ
                        jimp Rebel Alliance Developer Netgate
                        last edited by

                        Yeah, it was a problem in the wizard:

                        https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/6be90004d477bd74c5610ae341aae3ae9fcc9281

                        But I added some extra protection so that on future snapshots even people who have the 'bad' rules won't be harmed by it:
                        https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/06b3df52262764723289a3ac65c3a7c05a8a8f4c
                        https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/7ec0e6e2f5206d750a6c00d598700836a57d056f

                        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.