What percentage of your overall traffic is blocked?



  • After having the graphics I see a whopping 32% of traffic ends up blocked by the firewall.

    All of our services are running and we have no connectivity issues.



  • According to RRD, blocked traffic is measured in 1-2 kilobits per second and passed traffic is 5Mb+/s. Over a 1:1000 difference on average.


  • Rebel Alliance Global Moderator

    Kind of a pointless question, it's like asking how many stairs you have in your house or how many windows.

    Which direction even?



  • Well life is pointless too but there's questions…

    I was kinda shocked honestly.  32% of our bandwidth is going to unsolicited traffic that ends up being blocked.

    It really still is the wild west over the wire still.


  • Rebel Alliance Global Moderator

    That seems really, really high. Unless you're not actually doing anything with your bandwidth.

    How exactly did you come up with this number? And what are you dropping? Is it UDP, TCP? What ports? What is in the traffic? 32% of your pipe in noise seems like an attack.



  • @johnpoz:

    That seems really, really high. Unless you're not actually doing anything with your bandwidth.

    How exactly did you come up with this number? And what are you dropping? Is it UDP, TCP? What ports? What is in the traffic? 32% of your pipe in noise seems like an attack.

    Well, I've had to learn pfSense and Splunk because things have been going so smoothly…
    I know something is up, I just don't know what.

    I'll grab some stuff here in a bit.  But the last thing that caught my eye was a ton of "private ip scope" traffic being bounced at the wan port.



  • Depending on exactly how and what your WAN is connected to, that really may not mean anything. It could simply mean you are seeing a lot of traffic that is from your ISP network (as if your WAN is connected to a bridge mode device) or your ISP "doesn't do IPv6 very well".
    A quick screenshot of the WAN rules and the firewall log will help everyone trying to help you.

    johnpoz:
    14 steps and 22 windows.



  • I block everything…  Going in and out.  Just to be safe (-;



  • My wan rules list is too big to screen cap.

    It's basically just PFBlocker rules blocking everything not the US.



  • Yay. Was having an issue with the machine hosting the file share. I rebooted around 3 times within 40 minutes. On the third boot the admin password has somehow been changed. Completely locked out of the machine. Had to turn off the network port to it.

    This is so fun!  >:(


  • Netgate

    Since I have very few inbound ports, I would say that about 99.99% of my inbound connections are blocked.

    The percentage would be a bit less if I am traveling and using the VPN.

    It sounds like you should reconsider your security design.


  • Rebel Alliance Global Moderator

    He is not talking about % blocked vs % allowed but % of bandwidth that is blocked… This number should be almost invisible.