TCP:S/TCP:F being blocked by firewall, only happens with Apple computers
Here is my problem:
I manage a school network with MacBooks & PCs, all connected to the internet through a transparent squid/dansguardian proxy and an iptables Ubuntu gateway.
Everything is fine except MacBook users being blocked by pfSense when trying to reach some websites (PCs are all OK). Here is a sample output from the firewall log:
May 6 09:35:41 LAN 192.168.1.82:62980 18.104.22.168:48344 TCP:S
May 6 09:35:41 LAN 192.168.1.82:62981 22.214.171.124:16884 TCP:S
May 6 09:35:41 LAN 192.168.1.82:62982 126.96.36.199:1515 TCP:S
May 6 09:35:41 LAN 192.168.1.82:62983 188.8.131.52:14657 TCP:S
Is there any way to allow this traffic? Unfortunately I can't know every IP they want to reach :(
Sorry if my English is not perfect :x
And thank you for any help :)
Can you show what your firewall rules are on that LAN interface?
TCP:S is SYN which is a new connection being formed. That should only be blocked if you do not have a matching firewall rule.
Thank you for your answer.
I understand why the ports I listed are blocked but not why it only happens on Apple computers??
Confused about your rules. You have an allow rule for source 192.168.1.? (you obscured the last octet). But then there are a bunch of other rules that refer to "LAN". What is the LAN subnet?
The first rule only applies to a particular computer using its own conf and is temporary.
The "Proxy" alias is the default gateway and transparent proxy that "LAN" computers (and alias) use.
This basic conf is working fine, as long as you don't put an apple in.
Rather than trying to guess at what you are doing, can you post your rules and config?
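An added example, not part of the thread: a small Python parser for log lines in the layout shown in the first post, which groups blocked packets per source host and separates bare SYNs (new connection attempts, as explained above) from other flag combinations, so the destination ports can be compared against the LAN rules. The sample lines are constructed with documentation addresses, and the names `parse_line` and `summarize` are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample lines, same layout as the excerpt in the thread.
SAMPLE_LOG = """\
May 6 09:35:41 LAN 192.168.1.82:62980 203.0.113.10:48344 TCP:S
May 6 09:35:41 LAN 192.168.1.82:62981 203.0.113.11:16884 TCP:S
May 6 09:35:42 LAN 192.168.1.82:62982 203.0.113.12:1515 TCP:S
May 6 09:35:43 LAN 192.168.1.90:50112 203.0.113.20:443 TCP:F
this line is not a firewall entry
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+(?P<iface>\S+)\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)\s+"
    r"(?P<proto>\w+)(?::(?P<flags>[A-Z]+))?$"
)

# Standard one-letter abbreviations for TCP flags.
FLAG_NAMES = {"S": "SYN", "A": "ACK", "F": "FIN", "R": "RST", "P": "PSH", "U": "URG"}


def parse_line(line):
    """Return a dict for one log line, or None if it does not match the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
    rec["flag_names"] = [FLAG_NAMES.get(f, f) for f in (rec["flags"] or "")]
    # A bare SYN is the first packet of a new connection.
    rec["new_connection"] = rec["flags"] == "S"
    return rec


def summarize(log_text):
    """Map each source IP to the destination ports it was blocked on."""
    summary = defaultdict(lambda: {"new": set(), "other": set()})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines that are not firewall entries
        bucket = "new" if rec["new_connection"] else "other"
        summary[rec["src"]][bucket].add(rec["dport"])
    return {src: {k: sorted(v) for k, v in d.items()} for src, d in summary.items()}


if __name__ == "__main__":
    for src, ports in summarize(SAMPLE_LOG).items():
        print(src, ports)
```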