Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ICMP, TCP:SA, TCP:R best practices?

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      motodude
      last edited by

      I installed my pfsense firewall today and have it up and running.  So far so good!

      My logs are showing ICMP, TCP:SA and TCP:R as blocked.  For now, I've allowed all ICMP to pass.

      I searched this forum but didn't find what I was looking for.  What is the best practice with ICMP?  Allow everything or only the minimal (and if so, what) responses?

      What about TCP:SA and TCP:R?  I've googled and am not finding a description of those or a recommendation.  I

      1 Reply Last reply Reply Quote 0
      • C Offline
        cmb
        last edited by

        You don't need to allow any ICMP. Any ICMP messages associated with a permitted connection are automatically allowed.

        the SA and R are:
        http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.