Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    let out anything IPv4 from firewall host itself source is foreign ip

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 3 Posters 618 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kevin.chan.aebc
      last edited by kevin.chan.aebc

      I have setup a pfsense with some firewall rules to allow my servers access to a pfsense lab and blocking all other ips. however i am seeing some foreign ips being allowed to my servers with the log being "let out anything IPv4 from firewall host itself". I am also seeing my servers being allowed to access these foreign ips. The rules i set up only have allow my ips in. does this mean that they have logged into the pfsense. Should i be worried that the pfsense is compromised? I cannot find any information on how to remove this default rule.

      version 2.4.5-RELEASE-p1

      Thank you

      A 1 Reply Last reply Reply Quote 0
      • A
        akuma1x @kevin.chan.aebc
        last edited by akuma1x

        @kevin-chan-aebc If you have the WAN port of your pfsense box on the actual internet, and you have basic pass rules on your WAN interface, then yes, machines out on the internet can get in. If you have done none of this, pfsense itself is setup "out of the box" to NOT pass any traffic thru from the WAN (internet).

        You say in your post "access to a pfsense lab". Is this pfsense box already behind a router? If so, and you don't have WAN rules set, still nothing gets in.

        What would be helpful is if you took a screenshot of your pfsense WAN firewall rules, and give a brief description of how your network(s) are setup.

        Jeff

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          And the firewall entries your actually seeing.

          Also pfsense can talk to anything it wants to.. Are you using a proxy, if so pfsense would be doing the talking not your client behind asking proxy to go xyz..

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.