Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall Blocking Question

    Scheduled Pinned Locked Moved Firewalling
    5 Posts 3 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P Offline
      pman860507
      last edited by

      I know i have a lot of questions. but it seems like every time i loot at my firewall log it looks like this blocking things but i dont know why? like thats night i noticed it was blocking a bunch of things from google.

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG Offline
        GruensFroeschli
        last edited by

        Is that in the source your own IP?

        Could be this:
        http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • P Offline
          pman860507
          last edited by

          @GruensFroeschli:

          Is that in the source your own IP?

          Could be this:
          http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F

          no the destination is my ip. almost always is so its from wan to lan.

          and i think you are correct. but is there any way that i can make then now show up. since they flood my log, or a way to make it so you show more then 50 logs in your dynamic view?

          1 Reply Last reply Reply Quote 0
          • jimpJ Offline
            jimp Rebel Alliance Developer Netgate
            last edited by

            There is no way to filter out those log entries automatically, since they are identical to normal blocked packets. It's just that whatever server you are connecting to is either sending them back from a different IP, or after the state has been removed. It isn't normal to see a ton of these, but it has more to do with the server you are connecting to than anything else.

            You can try to set the firewall optimization to "conservative" under the advanced options, but iirc that really only helps with UDP, not TCP states.

            The dynamic view is locked to 50 entries because if you go much larger than that, the JavaScript involved gets really slow.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • P Offline
              pman860507
              last edited by

              @jimp:

              There is no way to filter out those log entries automatically, since they are identical to normal blocked packets. It's just that whatever server you are connecting to is either sending them back from a different IP, or after the state has been removed. It isn't normal to see a ton of these, but it has more to do with the server you are connecting to than anything else.

              You can try to set the firewall optimization to "conservative" under the advanced options, but iirc that really only helps with UDP, not TCP states.

              The dynamic view is locked to 50 entries because if you go much larger than that, the JavaScript involved gets really slow.

              Thanks for the info. I really appreciate it.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.