TCP:S/TCP:F being blocked by firewall, only happens with Apple computers



  • Hello everyone,

    Here is my problem :
    I manage a school network with macbooks & PC, all connected to the internet through a transparent squid/dansguardian proxy and an iptable ubuntu gateway.

    Everything is fine excepted mac book users being blocked by pfsense when it comes to reach some websites (PC are all ok). Here is a sample output from the firewall log :
    May 6 09:35:41 LAN 192.168.1.82:62980 85.74.114.179:48344 TCP:S
    May 6 09:35:41 LAN 192.168.1.82:62981 61.91.88.76:16884 TCP:S
    May 6 09:35:41 LAN 192.168.1.82:62982 92.96.46.11:1515 TCP:S
    May 6 09:35:41 LAN 192.168.1.82:62983 82.236.10.125:14657 TCP:S
    (all blocked)

    Is there any way to allow this traffic ? Unfortunately I can't know every IP they want to reach :(

    sorry if my english is not perfect :x
    And thank you for any help :)

    Gilouuu


  • Rebel Alliance Developer Netgate

    Can you show what your firewall rules are on that LAN interface?

    TCP:S is SYN which is a new connection being formed. That should only be blocked if you do not have a matching firewall rule.



  • Thank you for your answer.

    Here is my conf, very simple.

    I understand why the ports I listed are blocked but not why it only happens on apple computers ??

    Thank you.

    Gilouuu



  • Confused about your rules.  You have an allow rule for source 192.168.1.? (you obscured the last octet).  But then there are a bunch of other rules that refer to "LAN".  What is the LAN subnet?



  • Thank you.

    The first rule only applies to a particular computer using its own conf and is temporary.

    The "Proxy" alias is the default gateway and transparent proxy that "LAN" computers (and alias) use.

    This basic conf is working fine, as long as you don't put an apple in.



  • Rather than trying to guess at what you are doing, can you post your rules and config?


Locked