Traffic through PIA OpenVPN generates firewall logs



  • I have a problem with forwarding torrent traffic from a host through a Private Internet Access OpenVPN tunnel. I've been doing research on this for a while but I can't figure out where my problem is. Traffic seems to flow, but I sometimes get block alerts in the firewall logs for the forwarded ports.

    I've used several guides but mostly this one https://forum.pfsense.org/index.php?topic=72902.0 . Here's what I did so far:

    • created OpenVPN connection to PIA

    • assigned interface to it, PIAOVPN

    • created port forward rule on interface PIAOVPN to host

    • created outbound port forward from torrent host. with tagged traffic so I can block outgoing traffic if PIA connection is down with a floating rule

    • created allow rule on PIAOVPN interface

    • created allow rule on LAN interface for outgoing traffic with PIAOVPN as gateway which seems to work

    • created floating rule to block traffic if openvpn gateway is down

    I'm running deluge with outgoing ports 6891-6899 and incoming 6881-6889. On pFsense I have pfblockerng and snort (disabling it doesn't do anything).

    My problem is that sometimes I get an alert like this one

    Ran pfctl -vvsr and this seems to be the rule that's blocking traffic:

    (1473543312) block drop in log quick on openvpn inet all label "USER_RULE"
    

    The thing is, downloads and uploads seem to work just fine, so I don't understand what's with the alerts. Any help is appreciated.