Issue with access to Bluehost



  • Hi All,

    pfSense noob here, so please forgive the dumb question. The last couple weeks I've been experiencing a weird issues that I haven't been able to figure out how to troubleshoot.  The initial symptom was that my mail client could no longer connect to an IMAP account on my Bluehost hosting service.  In my Firewall Log, I could see entries like:

    Action: Red X
    Time: Near enough to my "Get new email click"
    Interface: LAN
    Source: 192.168.1.10:59058
    Destination: Bluehost IP (in 74.220.192.0/19 CIDR)
    Proto: TCP:S

    I didn't really understand why this was being blocked as it seems like the default allow LAN to any rule should permit this.  At this point, I also noticed that I couldn't get to my blog (that's hosted on Bluehost) and I could log into the main Bluehost site, but when it went to launch cPanel, it would tell me that my firewall was blocking some ports. So I created a LAN rule to allow it to see if that would solve the issue. So I created the rule:

    Proto: IPv4 TCP
    Source: *
    SPort: *
    Dest: 74.220.192.0/19
    DPort: *
    Queue: none

    But still no dice. In addition to the Firewall, I'm also running snort and pfBlockerNG.  But I couldn't find any relevant log messages in either of those services that would explain why the traffic was being blocked.  The only thing so far that I have found that has resolved the issue is to reboot the pfSense box at which point all the problems go away.  Unfortunately, it has resurfaced after about 5 days.

    So my question is, what else should I be looking at to figure out what's going on and why Bluehost seems to get blocked?

    I'm running pfSense 2.3.4-RELEASE-p1 (amd64) on a PC Engines APU2.

    Thanks!
    -b