Netgate Discussion Forum

    Basic Setup Issue

    General pfSense Questions
      brad999

      I'm new to pfSense and just did a fresh install on an old computer to be used as my home router/firewall. The only configuration I have changed from the base setup is setting the MAC address for my WAN and adding WAN and LAN firewall rules to allow all traffic (for initial testing).

      However, the firewall is still blocking traffic. I can get to some websites, but others are being blocked. I've attached the firewall rules I have set up and a screenshot of the firewall log. I'm sure there is something very basic that I'm missing here, but the help is greatly appreciated.
      ![LAN Rules.png](/public/imported_attachments/1/LAN Rules.png)
      ![WAN Rules.png](/public/imported_attachments/1/WAN Rules.png)
      ![Blocked Firewall.png](/public/imported_attachments/1/Blocked Firewall.png)

        jahonix

        Hell, delete all rules on WAN quickly!
        You surely don't want access from any on IPv4 & IPv6 to your router/lan/what_have_you!

        What doesn't work?
        Do a ping to the sites that don't work and a trace as well. Post the results here.

        BTW: it takes approx. 15min these days until a (new) connection to the internet is scanned for vulnerabilities. Conservative guessing. Take your install offline and format the disk, re-start with a clean install. For hours on the net mostly unprotected your pfSense pretty much has been taken over already. Seriously.

          brad999

          Thanks for your concern, but this isn't a live setup. I added the rules for testing and am not using this as my active router… it's offline.

          I can ping everything external but when I attempt to visit some websites they get blocked (see firewall log). How is anything getting blocked when I have rules that allow everything?

            jahonix

            So your WAN has an IP in a private range from a different router?
            Did you turn off "Block private networks" on your WAN interface configuration?

              brad999

              No, my WAN has a public address. In the firewall log showing the blocked attempts, the target IP that is whited out is my WAN address (public IP).

              "Block private networks" is off.

                jahonix

                Well, it's not a live setup .. and offline … but has a public IP on WAN? Possible but a bit complicated maybe.
                Might be you have LAN and WAN swapped?

                  brad999

                  It is not live and offline as in it is currently not being used. It is shut down, unplugged, and tucked away in a corner.

                  However, when I was testing it, it was indeed online. It is a simple configuration, one WAN connection with a public IP and a LAN connection to a laptop. Testing from the laptop on the LAN, I can ping external sites and can even access some from a browser, but when attempting to access some sites from the browser they never load and I see blocked connections in the firewall log. The main question I'm asking here is - With firewall rules that should allow everything, why am I seeing blocked connections in the firewall log?

                    jahonix

                    IMHO with hitting the "i" in the firewall log you can see which rule triggered the entry.

                      brad999

                      It's blank when I do that (i.e. blocked by the default rule)… which it shouldn't hit because of the allow everything rules.

                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.