Outgoing access through few ports

  • My testing on home pfsense is almost complete and have one more issue I have just noticed.

    Opening specific ports only blocks everything (rule for kids), but if I replace the destination port with "any" it does work (remaining rules). Where is the mistake?
    I thought it was a scheduling issue, but removing it does not change anything. Additionally, if I specify destination ports on any of the remaining rules, traffic is blocked.
    Please see attachment for additional info.
    NOTE: Version running is 2.2.4

    Thank you.

  • Are you allowing outbound DNS?

  • I'm using DNS forwarder on pfsense box

  • @karamanr:

    I'm using DNS forwarder on pfsense box

    Are you allowing LAN access to it?

  • Yes. I can open ICMP and I'm able to ping Google DNS.
    Tried creating a DNS rule to the LAN address and "all", but still no luck.

    To make things worse, even though logging is enabled on these rules, nothing shows up in the logs.

  • Interesting: added port 53 to the alias/ports and it works.
    I've added port 53 as a dedicated rule on top of the rule list and it would not go….

    Thanks for your help Nullity!

  • Rebel Alliance Global Moderator

    "I've added port 53 as a dedicated rule on top of the rule list and it would not go…."

    Well, you did it wrong then. Rules are evaluated top down; the first rule to fire wins and no other rules are looked at. If you place a rule on top that allowed all access to 53, then it would have been allowed.

    Also, your bottom rule is kind of pointless since there is a default deny, unless your goal with this was to NOT log and you're logging your default deny rule.
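The two points made in this thread (a "specific ports only" rule silently breaks browsing because nothing permits DNS, and rules are matched top down with an implicit default deny at the end) can be shown with a toy first-match evaluator. This is an added illustration, not pfSense code and not anything from the poster's attachment; the rule sets, the sample flows and the "TCP-only port 53 rule" mistake are constructed for the example and are assumptions about how the rule could have been "done wrong", not a diagnosis of the actual rule set.

```python
"""Toy first-match firewall rule evaluator (added illustration, not pfSense code).

Rule sets and sample flows below are constructed for the example, not taken
from the thread's attachment. Modelled behaviour: rules are evaluated top
down, the first rule that matches decides, and a packet no rule matches is
dropped by the implicit default deny (which is not one of the user's logged
rules, so such drops never appear under those rules' log entries).
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                            # "pass" or "block"
    proto: str                             # "tcp", "udp", "tcp/udp", "icmp" or "any"
    dst_ports: Optional[frozenset] = None  # None = any destination port
    log: bool = False
    name: str = ""

    def matches(self, proto: str, dst_port: Optional[int]) -> bool:
        if self.proto == "tcp/udp":
            if proto not in ("tcp", "udp"):
                return False
        elif self.proto != "any" and self.proto != proto:
            return False
        if self.dst_ports is not None and dst_port not in self.dst_ports:
            return False
        return True


def evaluate(rules, proto, dst_port=None):
    """Return (action, rule_name) of the first matching rule, or the default deny."""
    for rule in rules:
        if rule.matches(proto, dst_port):
            return rule.action, rule.name
    return "block", "default deny"


# Constructed sample traffic from a LAN client.
TRAFFIC = {
    "dns query": ("udp", 53),   # name resolution, e.g. to the pfSense DNS forwarder
    "https": ("tcp", 443),
    "ssh": ("tcp", 22),
    "ping": ("icmp", None),
}


def verdicts(rules):
    """Map each sample flow to the action the rule set yields."""
    return {name: evaluate(rules, *flow)[0] for name, flow in TRAFFIC.items()}


# 1. "Specific ports only": web is allowed, but nothing permits port 53, so
#    DNS falls through to the default deny and browsing by hostname breaks.
KIDS_WEB_ONLY = [
    Rule("pass", "tcp/udp", frozenset({80, 443}), log=True, name="kids: web only"),
]

# 2. The fix from the thread: port 53 added to the same ports alias.
KIDS_WEB_AND_DNS = [
    Rule("pass", "tcp/udp", frozenset({53, 80, 443}), log=True, name="kids: web + dns alias"),
]

# 3. A dedicated port-53 rule on top does pass DNS, as the moderator says,
#    provided it actually matches the traffic. One hypothetical way to get
#    it wrong: protocol set to TCP only while the client's queries are UDP.
DNS_ON_TOP_CORRECT = [
    Rule("pass", "tcp/udp", frozenset({53}), name="dns on top"),
    Rule("pass", "tcp/udp", frozenset({80, 443}), name="kids: web only"),
]
DNS_ON_TOP_TCP_ONLY = [
    Rule("pass", "tcp", frozenset({53}), name="dns on top (tcp only, hypothetical mistake)"),
    Rule("pass", "tcp/udp", frozenset({80, 443}), name="kids: web only"),
]

# 4. First match wins: a block placed above an allow for the same traffic
#    makes the allow unreachable.
BLOCK_ABOVE_ALLOW = [
    Rule("block", "tcp/udp", frozenset({53}), name="block dns"),
    Rule("pass", "tcp/udp", frozenset({53}), name="allow dns (never reached)"),
]

# 5. An explicit "block everything" rule at the bottom drops nothing the
#    default deny would not already drop; its only effect is which rule name
#    a logged drop is attributed to.
WITH_EXPLICIT_BLOCK = KIDS_WEB_AND_DNS + [
    Rule("block", "any", None, log=True, name="explicit block all"),
]

if __name__ == "__main__":
    for label, rules in [("web only", KIDS_WEB_ONLY), ("web + dns", KIDS_WEB_AND_DNS),
                         ("dns on top (tcp only)", DNS_ON_TOP_TCP_ONLY)]:
        print(f"{label:>22}: {verdicts(rules)}")
    print("ssh with explicit block:", evaluate(WITH_EXPLICIT_BLOCK, "tcp", 22))
    print("ssh without it:         ", evaluate(KIDS_WEB_AND_DNS, "tcp", 22))
```

Running it shows the "web only" set passing HTTPS while the DNS query hits the default deny, which is why the page loads fail even though the web ports are open and why a logged user rule records nothing for those drops.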