Something is blocking FaceBook from login
-
Thanks for the suggestion, but to allow a rule "any to any" it is not the equivalent to disable the firewall???
I would like the firewall on if possible, all i need it's being able to use this specific website in a "normal" way, as i just found a work around to it but i am embarassed to tell what it is…. :D
Ok i will share it, i am using a web-proxy to by-pass my own firewall and proxy ;D
So far it's working fine, but i hope someone will have a proper fix for this problem -
It was for testing purposes - to see which traffic needs to be passed to reach this site.
create an "allow client-source-ip to any" on the top of all, enable logging and test if it is working and check the firewall logs, IPs and Ports. -
Ok, here it is, probably i made a mistake somewhere, or more likely more than one….i put some screenshots of everything :D
Still having the same problem.![Firewall Rules LAN.jpg](/public/imported_attachments/1/Firewall Rules LAN.jpg)
![Firewall Rules LAN.jpg_thumb](/public/imported_attachments/1/Firewall Rules LAN.jpg_thumb)
![Firewall Rules WAN.jpg](/public/imported_attachments/1/Firewall Rules WAN.jpg)
![Firewall Rules WAN.jpg_thumb](/public/imported_attachments/1/Firewall Rules WAN.jpg_thumb)
![Rule Any to Any.jpg](/public/imported_attachments/1/Rule Any to Any.jpg)
![Rule Any to Any.jpg_thumb](/public/imported_attachments/1/Rule Any to Any.jpg_thumb) -
Firewall System Log.
![Firewall System Log.jpg](/public/imported_attachments/1/Firewall System Log.jpg)
![Firewall System Log.jpg_thumb](/public/imported_attachments/1/Firewall System Log.jpg_thumb) -
Strange subnet for the fourth rule from top. Why is it /1 ? If it is just a host then set it to /32
Second rule from top:
Set protocol to "any" any not only TCP. -
Ok, i updated all, but the highest number available was 31, there is no 32, so i choose that one.
Facebook still inaccesible.![Firewall Rules.jpg](/public/imported_attachments/1/Firewall Rules.jpg)
![Firewall Rules.jpg_thumb](/public/imported_attachments/1/Firewall Rules.jpg_thumb)
![Firewall Logs.jpg](/public/imported_attachments/1/Firewall Logs.jpg)
![Firewall Logs.jpg_thumb](/public/imported_attachments/1/Firewall Logs.jpg_thumb) -
Did you try it with squid turned off (turn of transparent mode)? If squid is caching some of FB's background pages, I would guess FP will not be happy.
I know you said you are not using load balancing, so assume you have only one WAN connection? Obviously with two connected, FB thinks you are coming from two locations and has a hissy.
-
I de-tick the transparent mode and rebooted everything but it didn't solve the problem, it must to be something else…
The wired connection don't have any problems, it's only the wireless connection that have this issue, and it began after i started installing new packages, before it was working fine for both connections.![Firewall Logs.jpg](/public/imported_attachments/1/Firewall Logs.jpg)
![Firewall Logs.jpg_thumb](/public/imported_attachments/1/Firewall Logs.jpg_thumb) -
It seems i will have to stick with my proxy's work around for a very long time…..
Thanks anyway to all those who contributed with their suggestions, if i will ever find a proper fix i'll come back to share it here...all the best -
Got some other pieces of information…
If i try to use the Facebook application on the Iphone, there is no way it will login, but if i try to access their website through the Safari browser, at first the connection will get refused, then the login page will appear again, click on "try alternative login" a warning will come up, which basically says that the password will be sent in "plain text" and again will bounce back, but if you close the page and go there again, you are actually already logged in and can access everything....I try this on my computer too, instead to go in www.facebook.com, try m.facebook.com and click on "try alternative login", it will work !!!
Also, if my pc was already logged in, i discovered i can just browse all the various Facebook parts, however, if i logout, i am unable to login again, unless i use this alternative way.
-
So it's some https problem then.
The log pages you posted earlier are not the firewall log. They look like the system log but I've never seen it full of pf messages like that and the formatting is a bit odd. :-\
It looks like you maybe have something more seriously wrong with your install. Is this 2.0.1? Which install type?
Steve
-
It's the system's log for the firewall in PfSense, in this other picture you can see the the top of the report.
I am using the latest version (2.0.1-RELEASE (i386) FreeBSD 8.1-RELEASE-p6) installed on his own dedicated computer.![Firewall Log.jpg](/public/imported_attachments/1/Firewall Log.jpg)
![Firewall Log.jpg_thumb](/public/imported_attachments/1/Firewall Log.jpg_thumb) -
Hmm, something is wrong there. It shouldn't look like that at all.
You are just seeing the pf log directly but that should never happen. :-\
Steve
-
i'm thinking 'Show raw filter logs' is enabled under settings
-
The log has been enabled to try to identify what is blocking the login page from going further
-
Ah! So it is. You learn something everyday. ::)
Stee
-
Sorry i am not sure to understand what do you mean with that.
Are you suggesting that enabling the log for the firewall in PfSense creates this problem???
The firewall's log has been enabled -after- this inconvenience, to get more information about it and possibly solve it…. -
I was not familiar with the 'raw filter logs' option for the firewall log which lead me to believe your install may have had a more serious problem since your logs appeared to be completely ****ed.
However that was my mistake, sorry about that. :-[Steve