Port forward bad hdr length
-
I really hope someone can help.
I am using NAT to forward SSH to a CentOS machine.
All my other forwards work, it's just this one being a pain. It's getting blocked by the default rule; the log shows:
listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes
000000 rule 60/0(match): block in on xl1: 212.125...14536 > 192.168.0.50.22: tcp 40 [bad hdr length 0 - too short, < 20]
2. 407432 rule 60/0(match): block in on xl1: 62.231...19293 > 192.168.0.50.22: tcp 40 [bad hdr length 0 - too short, < 20]
The CentOS machine can ping yahoo, and the pfSense box.
I can SSH into the CentOS box from the pfSense box.
If I turn on SSH in the pfSense config, and change the rule I'm having problems with to point to the pfSense box it works, so the rule is sound.
Any thoughts?
Edit: Using version 1.2.3-RC3
From searching this forum I have tried:
Bypass firewall rules for traffic on the same interface
Disable Hardware Checksum Offloading -
Sounds like you don't have a firewall rule on WAN to allow it. See also:
http://doc.pfsense.org/index.php/Port_Forward_Troubleshooting -
How I missed that I just don't know.
All sorted TY.
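
Added example, not part of the original thread: a small Python parser for pflog lines in the format shown in the question, which counts inbound blocks whose destination is a port-forward target, the symptom of a forward with no matching WAN firewall rule. The sample log, its source addresses, rule 71 and the `FORWARDS` set are constructed for illustration.

```python
import re
from collections import Counter

# One tcpdump line read from pflog0, in the format shown in the question.
PFLOG_RE = re.compile(
    r"rule (?P<rule>\d+)/\d+\(match\): (?P<action>block|pass) "
    r"(?P<dir>in|out) on (?P<iface>\S+): "
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):"
)

def parse_line(line):
    """Return the fields of one pflog line, or None for headers and noise."""
    m = PFLOG_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    for key in ("rule", "sport", "dport"):
        rec[key] = int(rec[key])
    return rec

def blocked_forwards(lines, forwards):
    """Count inbound blocks whose destination is a configured forward target.

    forwards: set of (internal_ip, port) tuples copied from the NAT rules.
    Returns a Counter keyed by (rule, interface, dst_ip, dst_port).
    """
    hits = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["action"] != "block" or rec["dir"] != "in":
            continue
        if (rec["dst"], rec["dport"]) in forwards:
            hits[(rec["rule"], rec["iface"], rec["dst"], rec["dport"])] += 1
    return hits

# Constructed sample: source addresses are documentation ranges, not real hosts.
SAMPLE_LOG = """\
listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes
000000 rule 60/0(match): block in on xl1: 203.0.113.7.14536 > 192.168.0.50.22: tcp 40 [bad hdr length 0 - too short, < 20]
2. 407432 rule 60/0(match): block in on xl1: 198.51.100.9.19293 > 192.168.0.50.22: tcp 40 [bad hdr length 0 - too short, < 20]
1. 120034 rule 71/0(match): pass in on xl1: 203.0.113.7.40122 > 192.168.0.51.80: tcp 40 [bad hdr length 0 - too short, < 20]
3. 000512 rule 60/0(match): block in on xl1: 198.51.100.9.5511 > 192.168.0.60.23: tcp 40 [bad hdr length 0 - too short, < 20]
""".splitlines()

FORWARDS = {("192.168.0.50", 22), ("192.168.0.51", 80)}  # assumed NAT targets

if __name__ == "__main__":
    for (rule, iface, dst, port), n in blocked_forwards(SAMPLE_LOG, FORWARDS).items():
        print(f"rule {rule} blocked {n} connection(s) on {iface} to forward {dst}:{port}")
```

Any forward target that shows up here is being translated by NAT but has no pass rule on the interface named in the log.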