4. New issue with Block traffic to port 0

New issue with Block traffic to port 0

  • R

    Hello guys,

    After updating from pfsense 2.4.3_1 to 2.4.4 using the exact same Firewall rules, I get a new rule match on the LAN interface: "Block traffic to port 0" ... TCP:S (I forgot to take a screenshot of the log and since then I have rolled back to the previous version).

    The traffic that is being blocked is an IPSec tunnel that passes through the pfsense box.

    My question is whether or not something changed between the two versions to cause this issue, if there is a plan to implement a method to tweak the default FW rules from the GUI and finally if simply commenting the following lines from /etc/inc/filter.inc will solve the issue:
    block {$log['block']} quick inet proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)} label "Block traffic from port 0"
    block {$log['block']} quick inet proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)} label "Block traffic to port 0"

    Any further comments and suggestions are appreciated.

    Thanks in advance!

    0
  • LAYER 8 Netgate

    Traffic to or from tcp/udp port zero is invalid and should be dropped by any competent firewall.

    No. Nothing has changed here.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy