Issues with pfsense firewall log
-
i have pfsense 2.4.3
i watch the firewall logs and i have seen that :
Mar 8 19:03:14 LAN Default deny rule IPv4 (1000000103) 10.90.90.90:62976 255.255.255.255:62976 UDP
the 10.90.90.90 is the only switch in my firewall
what this log ? and i can resolv that ?
-
@koko_adams said in Issues with pfsense firewall log:
Mar 8 19:03:14 LAN Default deny rule IPv4 (1000000103) 10.90.90.90:62976 255.255.255.255:62976 UDP
Mar 8 19:03:14 LAN Default deny rule IPv4 (1000000103) 10.90.90.90:62976 255.255.255.255:62976 UDP
It's broadcast traffic.
-
how i can resolv this , sir ?
what is the default rule for disable logging ?
-
@koko_adams said in Issues with pfsense firewall log:
62976
I would be more concerned with why your seeing the traffic in the first place
https://www.speedguide.net/port.php?port=62976 -
https://docs.netgate.com/pfsense/en/latest/monitoring/firewall-logs.html
Or add a rule to block and not log, place it at the bottom.
-
-
Yeah and you should look to why your seeing that traffic on your network vs just not logging it... That is not NORMAL traffic...
If it was on your wan (internet) I would say just ignore it but if that is local?? Shouldn't be see that.. Do you have any of those cameras?
Do a packet capture on pfsense and capture that traffic and upload the pcap.. Lets take a look to what is in it.
https://vuldb.com/?id.22182
-
i have a camera in my lan network
this is a capture
06:53:51.650228 IP 10.90.90.90.62976 > 255.255.255.255.62976: UDP, length 317
-
That is not the capture.. Download the file and post up the pcap file.
But 10.90.90.90 is your SWITCH IP, or is that the camera IP?