Blocked by default
I have a wide open rule on my wan:
Proto Source Port Destination Port Gateway Schedule Description
- 172.25.1.0/24 * * * * test
but in the firewall log I am receiving quite a few dropped packets being dropped by the default rule
Dec 10 10:39:03 WAN 172.25.1.10:5972 126.96.36.199:80 TCP
Dec 10 10:39:31 WAN 172.25.1.10:5972 188.8.131.52:80 TCP
Dec 10 10:39:32 WAN 172.25.1.10:5970 184.108.40.206:80 TCP
Dec 10 10:40:36 WAN 172.25.1.10:5970 220.127.116.11:80 TCP
Dec 10 10:41:40 WAN 172.25.1.10:5970 18.104.22.168:80 TCP
Dec 10 10:42:44 WAN 172.25.1.10:5970 22.214.171.124:80 TCP
Dec 10 10:43:48 WAN 172.25.1.10:5970 126.96.36.199:80 TCP
Dec 10 10:44:53 WAN 172.25.1.10:5970 188.8.131.52:80 TCP
Is this because the state is being sent or received incorrectly?
Some basic info
Lan is bridged with wan
I have an optional 1 which is load balanced with the wan
On the lan side I also have a wide open approve all for my private side.
I found the answer
Search is a good thing.
Santron, you're right.
But on pfSense, to fix this problem, check the checkbox "Bypass firewall rules for traffic on the same interface" on Advanced in the System tab.
See if it fixes your problem.
Anyway, post your results.
Thank you for your answer. It has solved some of the blocks but I am still getting dropped packets:
Act Time If Source Destination Proto
Dec 11 10:17:34 WAN 172.25.xxx.xxx:14084 208.71.xxx.xxx:80 TCP
Dec 11 10:16:30 WAN 172.25.xxx.xxx:14084 208.71.xxx.xxx:80 TCP
Dec 11 10:15:25 WAN 172.25.xxx.xxx:14084 208.71.xxx.xxx:80 TCP
Try to create rules for this destination just as a test.
Action - Pass
Source - *
Protocol - TCP
Destination - 208.71.x.x
Because this previous option fixes this problem, but there are cases when you need to create specific rules.
Anyway, you can contact me on Skype. -> heitor.flessa
Some of these are normal, as the m0n0wall doc explains. Why do you think you have a problem?