Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Basic (read possilbly dumb) blocked firewall entry

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    4 Posts 3 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      njaimo
      last edited by

      ..not sure how this can happen.. Reviewing my system firewall logs, I have one for a blocked request that has the "source IP" as a place in the China, but the "destination IP" is the exact internal address of my server (192.168.3.150 to port 80), instead of my public WAN address !
      I do not have any NAT or rules allowing traffic in to HTTP on the server, how can someone find out the exact internal IP address ?

      -NJ

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You don't have port forwarding setup?

        This is the result I would expect from having port 80 forwarded but no firewall rule in place to allow it.

        This is probably the wrong section in the forum for this.

        Steve

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          If you see an entry like that, you have to have a NAT rule setup that is doing it.

          Whether it's a port forward entry, 1:1 NAT, or from UPnP, it has to be there or it wouldn't be showing in that way. (Assuming the interface on that log message was WAN)

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • N
            njaimo
            last edited by

            Thanks for the replies …at the time the log came is I did not have the port forwarded, though I had been trying to set it up sometime before.  Maybe it was delay in the log posting list ?...  Anyway, I have not had a recurrence.  One thing I have noticed though, is that the Country Block package keeps turning itself off.  Every time I check it through the WebGIU > Firewall > Country Block tab, it shows the enable box is not checked and the bottom of the page says "Currents Status= not running".  Any ideas ?...  I also can't seem to get denyhosts started.  When I click the "start service" button it goes through the motions, but the Status>services page shows it is stopped.

            I have a Soekris 5501 with a hard-drive install of v1.2.3

            Cheers,

            -NJ

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.