Strange firewall rule behavior



  • I currently have a rule permitting LAN to any; however, I cannot ping 8.8.8.8 without explicitly adding a rule to allow it. Is there something I'm missing?



  • There is already a default Allow Any rule on LAN that literally allows everything. Are you running an IDS package like Snort, Suricata, pfBlocker, etc.? Something else must be in play here.



  • I don't have Squid enabled and Snort is not installed.
    It's as if my rule is completely ignored for some reason. This shouldn't be hitting the default deny.




  • Figured it out. When I installed, the allow any rule was missing and I had to create it. The problem was that I created TCP/UDP only, not *.



  • When I installed, the allow any rule was missing and I had to create it.

    I find that very hard to believe. LAN always gets a default Allow Any rule whereas all other LAN interfaces do not. Are you sure you didn't accidentally delete it or modify the default LAN rule? I've been here for a few years now and I can't remember anyone else having this issue.

    Glad you got it working regardless.