Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Java downloads not getting through despite Allow All rule

    Scheduled Pinned Locked Moved Firewalling
    4 Posts 3 Posters 660 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jenningsb
      last edited by

      We have some software that tries to download a Java package every time it is opened. If I disable the firewall completely, the download works fine. If the firewall is enabled, the download fails. I've tested by creating an Allow All rule on the Lan interface and disabling all other outbound rules with no success. I've disabled all add-on packages (squid, snort, etc) with no success. The only thing that works is to disable the firewall in System\Advanced\Firewall. This is a very simple setup. Single LAN interface and single WAN interface.

      bmeeksB 1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You have public IPs on the LAN then? That would also disable NAT which usually prevents everything working.

        The only thing I can suggest there is disabling pf-scrub on that same page. If that software is generating packets that are somehow scrubbed and break that would do it. That's usually a sign the software is doing something wrong though.

        Steve

        1 Reply Last reply Reply Quote 0
        • J
          jenningsb
          last edited by

          I'm sorry, I failed to mention that this firewall is running in transparent mode. I tried disabling PFScrub, but no luck. Strange thing is, there are a handful of computers that the software works on, and, on a very rare occasion, one of the computers that we are having trouble with will connect. 99% of the time, though, it will not.

          1 Reply Last reply Reply Quote 0
          • bmeeksB
            bmeeks @jenningsb
            last edited by bmeeks

            @jenningsb said in Java downloads not getting through despite Allow All rule:

            We have some software that tries to download a Java package every time it is opened. If I disable the firewall completely, the download works fine. If the firewall is enabled, the download fails. I've tested by creating an Allow All rule on the Lan interface and disabling all other outbound rules with no success. I've disabled all add-on packages (squid, snort, etc) with no success. The only thing that works is to disable the firewall in System\Advanced\Firewall. This is a very simple setup. Single LAN interface and single WAN interface.

            When you disabled Snort, did you go in to the BLOCKED tab and flush all the blocked IP addresses? Simply turning off Snort will not remove any previously Snort blocked IP addresses.

            1 Reply Last reply Reply Quote 1
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.