Netgate Discussion Forum

    Strange firewall rule behavior

      xrctp1

      I currently have a rule permitting LAN to any, however I cannot ping 8.8.8.8 without explicitly adding a rule to allow it. Is there something I'm missing?

        KOM

        There is already a default Allow Any rule on LAN that literally allows everything.  Are you running an IDS package like Snort, Suricata, pfBlocker, etc?  Something else must be in play here.

          xrctp1

          I don't have Squid enabled and Snort is not installed.
          It's as if my rule is completely ignored for some reason. This shouldn't be hitting the default deny.

          default_deny_nonsense.jpg

            xrctp1

            Figured it out. When I installed, the allow any rule was missing and I had to create it. Problem was that I created TCP/UDP only, not *.

              KOM

              "When I installed, the allow any rule was missing and I had to create it."

              I find that very hard to believe.  LAN always gets a default Allow Any rule whereas all other LAN interfaces do not.  Are you sure you didn't accidentally delete it or modify the default LAN rule?  I've been here for a few years now and I can't remember anyone else having this issue.

              Glad you got it working regardless.

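Added example, not part of the original thread and not pfSense code: a simplified Python model of first-match rule evaluation on one interface, showing why a pass rule limited to TCP/UDP lets a ping (ICMP) fall through to the default deny. It matches on protocol only and ignores source and destination; the `Rule`, `evaluate` and `fallthrough` names and both rule sets are constructed for illustration.

```python
# Added example: simplified first-match filter model (protocol matching only).
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    action: str          # "pass" or "block"
    protos: frozenset    # empty set models "*" (any protocol)
    descr: str

    def matches(self, proto):
        # A rule with no protocol restriction matches every protocol.
        return not self.protos or proto in self.protos


# Implicit rule applied when no user rule matches.
DEFAULT_DENY = Rule("block", frozenset(), "default deny")


def evaluate(rules, proto):
    """Return the first rule matching the protocol, else the default deny."""
    for rule in rules:
        if rule.matches(proto):
            return rule
    return DEFAULT_DENY


def fallthrough(rules, protos=("tcp", "udp", "icmp")):
    """Protocols that no user rule matches, so they hit the default deny."""
    return [p for p in protos if evaluate(rules, p) is DEFAULT_DENY]


# Constructed rule sets mirroring the thread: the rule as first created
# (TCP/UDP only) and the corrected rule with protocol "*".
AS_CREATED = [Rule("pass", frozenset({"tcp", "udp"}), "LAN to any (TCP/UDP)")]
FIXED = [Rule("pass", frozenset(), "LAN to any (*)")]

if __name__ == "__main__":
    for name, rules in (("as created", AS_CREATED), ("fixed", FIXED)):
        hit = evaluate(rules, "icmp")  # ping 8.8.8.8 is ICMP echo
        print(f"{name}: icmp -> {hit.action} ({hit.descr}); "
              f"falls through: {fallthrough(rules)}")
```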