Port forward plex
-
@johnpoz
I'm just curious, in you firewall rules, WAN.You have one rule at the bottom. You call it "Clean Block" Do you like to share the settings you have inside that rule?Thanks in advance!
-
Its just there so I only log SYN… I don't care to see the UDP noise and any sort of out of state block. So I turn off logging of the default block, and then only log SYN packets..
Just set the SYN tcp flag is all in the advanced option.. This removes all the nonsense UDP noise and out of state nonsense that really don't care to see... But I am curious to what is the common ports being hit.. 3389, 22, 23, 1433, you know the typical ones. But for example when that worm on the Mikrotik botnet was becoming popular saw a lot of port 8291 which was interesting..
Still see that 8291 now and thing - just looked saw a hit back on 15th ;)
-
Its just there so I only log SYN… I don't care to see the UDP noise and any sort of out of state block. So I turn off logging of the default block, and then only log SYN packets..
Just set the SYN tcp flag is all in the advanced option.. This removes all the nonsense UDP noise and out of state nonsense that really don't care to see... But I am curious to what is the common ports being hit.. 3389, 22, 23, 1433, you know the typical ones. But for example when that worm on the Mikrotik botnet was becoming popular saw a lot of port 8291 which was interesting..
Still see that 8291 now and thing - just looked saw a hit back on 15th ;)
Thank you very much. I didn't think about this. Great idea to show if some shit is going on and more easy to read, instead of using "Log firewall default blocks"(to much noise) Yeah, i can see some of the ports you mentioned now in my log :o :)
Little bit off topic, sorry :)
-
I want to thank you very much, after all the headaches it was something stupid on my end. I decided to log into my freenas which runs my customplugin server, and there it was the plex plugin was off. Could not turn it on, so I rebooted and the plex plugin strted again and now everything is working. Thank you for all your help in this matter. I now a little more on port forwards,and firewall rules thanks to you.
-
And don't forget you removed the any any rule that basically opened up your web gui to the world - so anyone on the planet might of guessed your pfsense username and password or sshed to it, etc. etc..
Why did you create the any any rule on your wan?
