Default rule blocks traffic on same VLAN/subnet



  • I am getting repeated log entries for the default rule on my "Home" VLAN (192.168.10.0/24) blocking UDP traffic to 192.168.10.1:192 and 192.168.10.255:137. These are coming from Apple devices on the same VLAN and subnet. I am still learning and while there's probably a thread on this already, I didn't find it. It occurs several times per minute and seems to happen more often than the "drops legitimate traffic" phenomenon I did find discussed. I understand why the traffic is being generated, but I don't understand why the firewall sees it (i.e., runs rules on it) in the first place. I also know that I can block (or pass) without logging, but the fact that it is occurring makes me wonder if something is set up incorrectly. I have several other VLANs configured, and I have native IPv6 from my ISP.

    Why am I seeing this in the logs? Is this normal, or does it suggest a configuration issue?

    EDIT: pfSense 2.4.3-RELEASE-p1 (arm) on a Netgate SG-3100.



  • Traffic between devices on the same subnet should not touch the firewall, as long as the respective devices are connected to different bridged interfaces.

    Maybe a drawing of your setup could shed some light on that.



  • @tcw said in Default rule blocks traffic on same VLAN/subnet:

    m still learning and while there's probably a thread on this already, I didn't find it. It occurs several times per minute and seems to happen more often than the "drops legitimate traffic" phenomenon I did find discussed. I understand why the traffic is being generated, but I don't understand why the firewall sees it (i.e., runs rules on it) in the first place. I also know that I can block (or pass) without logging, but the fact that it is occurring makes me

    .255 is broadcast crap hitting the interface
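Both replies above make the same point: the firewall only sees same-subnet packets that are addressed to its own interface, to the subnet broadcast address, or to a multicast group, while host-to-host traffic is switched and never reaches a rule. The following triage script is an added example, not code from the thread or from pfSense; it assumes the Home VLAN details given in the question (192.168.10.0/24, firewall at 192.168.10.1) and uses constructed sample entries in a simplified format rather than real filterlog output.

```python
# Added example (not from the thread): classify why a logged destination on a
# single VLAN reaches the firewall at all, so "broadcast noise" can be
# separated from traffic the firewall actually had to route.
import ipaddress
from collections import Counter

# Assumed from the question: Home VLAN 192.168.10.0/24, firewall at .1
HOME_NET = ipaddress.ip_network("192.168.10.0/24")
HOME_IF_ADDR = ipaddress.ip_address("192.168.10.1")


def classify_dst(dst: str, net=HOME_NET, if_addr=HOME_IF_ADDR) -> str:
    """Return the reason a packet to `dst` is seen by the firewall's rules.

    "interface"   - sent to the firewall's own VLAN address
    "broadcast"   - subnet or limited broadcast, delivered to every host
    "multicast"   - e.g. mDNS 224.0.0.251, also delivered to the interface
    "same-subnet" - host-to-host on this VLAN; normally switched, so a
                    logged entry here deserves a closer look
    "forwarded"   - destined off-subnet, so the firewall must route it
    """
    ip = ipaddress.ip_address(dst)
    if ip == if_addr:
        return "interface"
    if ip == net.broadcast_address or ip == ipaddress.ip_address("255.255.255.255"):
        return "broadcast"
    if ip.is_multicast:
        return "multicast"
    if ip in net:
        return "same-subnet"
    return "forwarded"


# Constructed sample entries in a simplified "src:sport > dst:dport proto"
# form (not real pfSense filterlog lines); ports mirror the question.
SAMPLE_LOG = """\
192.168.10.23:137 > 192.168.10.255:137 udp
192.168.10.23:5353 > 224.0.0.251:5353 udp
192.168.10.42:61000 > 192.168.10.1:192 udp
192.168.10.42:54321 > 192.168.10.57:445 tcp
192.168.10.42:49152 > 93.184.216.34:443 tcp
"""


def triage(log: str) -> Counter:
    """Count entries per reason; only 'forwarded' entries involve routing."""
    counts = Counter()
    for line in log.splitlines():
        _src, _, dst, _proto = line.split()
        counts[classify_dst(dst.rsplit(":", 1)[0])] += 1
    return counts


if __name__ == "__main__":
    for reason, n in triage(SAMPLE_LOG).most_common():
        print(f"{reason:12s} {n}")
```

Entries classified as "interface", "broadcast" or "multicast" are expected to hit the default rule on the VLAN interface; they are not evidence of a misconfiguration.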

