LAN allowed packets blocked when should be passed
-
I have an SG-1000 that is new to me. There is something odd.
In the firewall logs it shows LAN packets being blocked by the default deny rule.
https://www.dropbox.com/s/5to1z2wv8m7o3rq/Screenshot%202017-10-23%2017.43.25.png?dl=0
However, in the rules for the LAN I have all LAN traffic to all destinations allowed.
https://www.dropbox.com/s/tfaerrkkjhq9jty/Screenshot%202017-10-23%2017.42.50.png?dl=0
How is this happening?



-
Those all look to be out-of-state packets… Notice the flags FA, PA.
https://doc.pfsense.org/index.php/Why_do_my_logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection
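
Added example, not part of the original thread and not pfSense code: a small triage script that separates blocked TCP log entries whose flags could never open a connection (such as the FA and PA entries mentioned above) from blocked connection attempts that point at a real rule problem. It assumes the comma-separated field layout of raw pfSense filterlog IPv4/TCP entries (action in field 7, TCP flags in field 24); the sample lines, addresses and function names are constructed for illustration.

```python
import csv
from collections import Counter

# Constructed sample entries (the part after the syslog prefix), in the
# assumed filterlog IPv4/TCP layout. Not taken from the poster's firewall.
SAMPLE = """\
5,,,1000000103,igb0,match,block,in,4,0x0,,64,4211,0,DF,6,tcp,52,192.168.1.20,203.0.113.10,51514,443,0,FA,1001,2002,229,,
5,,,1000000103,igb0,match,block,in,4,0x0,,64,4212,0,DF,6,tcp,83,192.168.1.20,203.0.113.10,51514,443,31,PA,1002,2002,229,,
5,,,1000000103,igb0,match,block,in,4,0x0,,64,4213,0,DF,6,tcp,60,192.168.1.21,198.51.100.7,40000,22,0,S,3001,,64240,,
"""

def classify(line):
    """Return (src, dst, flags, verdict) for a blocked IPv4 TCP entry, else None."""
    f = next(csv.reader([line]))
    if len(f) < 24 or f[6] != "block" or f[8] != "4" or f[16] != "tcp":
        return None  # not a blocked IPv4 TCP entry in the assumed layout
    flags = f[23]
    # pf pass rules create state only from packets with SYN set and ACK clear
    # (flags S/SA). Anything else must match an existing state to pass, so a
    # blocked FA/PA/A/R packet means the state was already gone, not that the
    # allow rule failed to match.
    opener = "S" in flags and "A" not in flags
    verdict = "new-connection" if opener else "out-of-state"
    return (f"{f[18]}:{f[20]}", f"{f[19]}:{f[21]}", flags, verdict)

def summarize(text):
    """Count blocked TCP entries per verdict across a block of log lines."""
    counts = Counter()
    for line in text.splitlines():
        result = classify(line)
        if result:
            counts[result[3]] += 1
    return dict(counts)

if __name__ == "__main__":
    for entry in SAMPLE.splitlines():
        print(classify(entry))
    print(summarize(SAMPLE))
```

Entries reported as `new-connection` are the ones worth checking against the rule set; a log dominated by `out-of-state` entries matches the behaviour described in the linked documentation.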
-
I've got a pfSense install that is generating TONS of blocked packets in the logs - like 20-30 per second. A lot of DNS lookups, and other legit traffic. I read the doc.pfsense.org link, but this just seems very strange to me that so much is being logged as blocked by the default rule. I've been having some DNS lookup issues, and now that I see a lot of this traffic being blocked to the ISP DNS server, it makes me wonder if this isn't the issue. In the firewall rules, I am allowing everything out for all protocols, even from any source. Normal browser operation seems to be ok. Should I just disregard all these tons of logged events?
Bob
-
Impossible to say without seeing what is actually being logged.
-
Start a new thread instead of piggybacking off this one and post your firewall rules.