Ephemeral Port range change not taking effect.
I have a floating firewall rule blocking some undesirable ports from going out or coming in on the WAN interface (3389, 1900, 1433, etc.), but my problem is that it looks like pfsense is choosing RHPs in the registered port range.
I changed the port range through sysctl:

net.inet.ip.portrange.reservedlow: 0
net.inet.ip.portrange.reservedhigh: 1023
net.inet.ip.portrange.hilast: 65535
net.inet.ip.portrange.hifirst: 49152
net.inet.ip.portrange.last: 65535
net.inet.ip.portrange.first: 16384
net.inet.ip.portrange.lowlast: 600
net.inet.ip.portrange.lowfirst: 1023

But my firewall rule is still catching valid connections using RHPs in the registered port range.
Here are a couple of examples from the logs:
WANIP:1433 --> 8.8.8.8:53 UDP
WANIP:1900 --> 129.80.22.17:443 TCP:S
WANIP:1434 --> 172.217.13.234:443 TCP:S
WANIP:1900 --> 8.8.8.8:53 UDP
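An added check (not part of the post above) that parses the quoted sysctl values and log lines and reports every entry whose source port falls outside the kernel's ephemeral ranges (net.inet.ip.portrange.first/last and hifirst/hilast). The sysctls only govern sockets the firewall host itself opens; a source port below `first` therefore points at something else choosing the port, and outbound NAT, whose port selection is a separate pf setting, is the first thing to check. The log format and sample values are taken from the post; the helper names are my own.

```python
import re

# Constructed input: the sysctl values and the four log lines quoted in the post above.
SYSCTL_DUMP = """\
net.inet.ip.portrange.reservedlow: 0
net.inet.ip.portrange.reservedhigh: 1023
net.inet.ip.portrange.hilast: 65535
net.inet.ip.portrange.hifirst: 49152
net.inet.ip.portrange.last: 65535
net.inet.ip.portrange.first: 16384
net.inet.ip.portrange.lowlast: 600
net.inet.ip.portrange.lowfirst: 1023
"""
LOG_LINES = [
    "WANIP:1433 --> 8.8.8.8:53 UDP",
    "WANIP:1900 --> 129.80.22.17:443 TCP:S",
    "WANIP:1434 --> 172.217.13.234:443 TCP:S",
    "WANIP:1900 --> 8.8.8.8:53 UDP",
]
LOG_RE = re.compile(r"^(\S+):(\d+) --> (\S+):(\d+) (\S+)$")

def parse_sysctl(dump):
    """Map each net.inet.ip.portrange.* line to its short key, e.g. {'first': 16384}."""
    values = {}
    for line in dump.splitlines():
        key, _, val = line.partition(":")
        values[key.strip().rsplit(".", 1)[-1]] = int(val)
    return values

def ephemeral_ranges(values):
    """Ranges the kernel's ephemeral allocator may pick from: the default and 'high' ranges."""
    return [(values["first"], values["last"]), (values["hifirst"], values["hilast"])]

def parse_log(line):
    """Split 'SRC:SPORT --> DST:DPORT PROTO' into a dict, with ports as ints."""
    m = LOG_RE.match(line)
    if not m:
        raise ValueError("unrecognised log line: %r" % line)
    src, sport, dst, dport, proto = m.groups()
    return {"src": src, "sport": int(sport), "dst": dst, "dport": int(dport), "proto": proto}

def ports_outside_ranges(lines, ranges):
    """Return (source port, line) for entries that no ephemeral range accounts for."""
    hits = []
    for line in lines:
        sport = parse_log(line)["sport"]
        if not any(lo <= sport <= hi for lo, hi in ranges):
            hits.append((sport, line))
    return hits
```

Calling `ports_outside_ranges(LOG_LINES, ephemeral_ranges(parse_sysctl(SYSCTL_DUMP)))` flags all four quoted entries, since 1433, 1434 and 1900 all sit below `first` (16384).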