Block happening on interface and I can't figure out why
-
My logs show a number of blocks like this
Date: May 10 11:05:51
Interface: WIFI01
Source: 176.16.2.102:57020
Destination: <removed>:80 (non-lan)
Type: TCP:FAIt says the rule that's blocking it is the default block rule.
However, I have a rule in place which is to allow Any protocol, WIFI01 source, any destination, so I'm not sure how there could possible be an outbound block.</removed>
-
Think you're running into this:
http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F -
Think you're running into this:
http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3FI think that might be it. Is there an explicit block rule I can make so I can avoid it being logged?
-
That would be the "Status: System logs: Settings:Log packets blocked by the default rule" option
-
That would be the "Status: System logs: Settings:Log packets blocked by the default rule" option
No, not that. I want to see packets blocked by the default rule. I just want to set up an explicit deny for THIS case so I can not log it. I still want to be notified of anything else.
(I only have the any rule setup for debugging) -
I say you would still disable that and create an explicit deny at the end of your rules with logging, should work
-
I say you would still disable that and create an explicit deny at the end of your rules with logging, should work
Looks like I was thinking backwards.
Thanks, I'll do that.