Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Weird Firewall Issue

    Firewalling
    1
    3
    1.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lt_tweak
      last edited by

      I currently run a pfSense box for primary routing/vpn/etc.  I am trying to connect via another subnet 172.31.16.0/24 to the primary 192.168.1.0/24 network.  For some reason i get the following ipfw log:

      pf: 1. 044981 rule 109/0(match): block in on vr0: (tos 0x0, ttl 64, id 44283, offset 0, flags [DF], proto TCP (6), length 44) 192.168.1.254.80 > 172.31.16.1.3322: S, cksum 0x5bd6 (correct), 325161313:325161313(0) ack 3541639855 win 5840 <mss 1160="">the really weird thing is, if i ping the host before trying to connect to the webserver @ 192.168.1.254, the packets go through just fine.  The packets continue to pass until timeout occurs, which they are then dropped again, until you ping the host first.

      This occurs with or without the follwing IPFW rule applied
      Proto  Source  Port  Destination  Port  Gateway  Schedule  Description
      TCP  172.31.16.0/24  *  *                  *  *

      Thanks!</mss>

      1 Reply Last reply Reply Quote 0
      • L
        lt_tweak
        last edited by

        err not ipfw…. PF... hence the name

        1 Reply Last reply Reply Quote 0
        • L
          lt_tweak
          last edited by

          DOH!
          Bypass firewall rules for traffic on the same interface  … check this box.. all is good

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.