Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    What is rule (@4294967295)?

    Firewalling
    2
    5
    245
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfsjap
      last edited by

      Netgate 1100 with 23.09-RELEASE and pfBlockerNG-devel 3.2.0_7:

      After upgrading pfBlocker yesterday found today these log entries below. What is this rule and is it related to the new pfBlocker version?

      Nothing should pass inbound from WAN.

      0d73b073-c87c-49e5-a380-e00b97957033-image.png

      0a847c5e-66e8-41bc-ac81-653216afecb4-image.png

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @pfsjap
        last edited by

        @pfsjap take a look at the full rules

        https://docs.netgate.com/pfsense/en/latest/firewall/pf-ruleset.html

        And grep for that number.. If not in your current rules, then it could be a rule that was deleted.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.03 | Lab VMs 2.7.2, 24.03

        P 1 Reply Last reply Reply Quote 0
        • P
          pfsjap @johnpoz
          last edited by

          @johnpoz Didn't find anything by that number (which equals -1, btw) and don't understand how it could be a deleted rule. I mean, where would such a rule come from, I certainly have not made it. Device was rebooting on 10:13:39.

          johnpozJ 1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator @pfsjap
            last edited by johnpoz

            @pfsjap said in What is rule (@4294967295)?:

            (which equals -1, btw)

            huh.. The @number would be the ID, etc. 4294967295

            There was a bug related to that number
            https://redmine.pfsense.org/issues/12872

            I am using 23.09 with 3.2.0_7 pfblock (but I don't have it create any rules) I only use it for native aliases it creates that I use in my rules.

            Do all your log entries other than rfc and bogon show that?

            Example I see like this in my log, if you click the little X you should get more info about the rule

            block.jpg

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.03 | Lab VMs 2.7.2, 24.03

            P 1 Reply Last reply Reply Quote 0
            • P
              pfsjap @johnpoz
              last edited by

              @johnpoz said in What is rule (@4294967295)?:

              Do all your log entries other than rfc and bogon show that?

              Nope, log has been very quiet since I disabled logging of implicit default rules and my main firewall Netgate 6100 is behind 1100. These two 4294967295 entries are the first I've seen (that I remember, at least).

              I do get the info popup from older block entries, but nothing (empty) from the two pass entries.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post