Help with Firewall Troubleshooting
Hello pfSense experts,
I'm having some trouble with Firewall configuration. Despite having the rules (screenshots are attachments) applied on both interfaces (note that pfSense is configured as a bridge here), all of my packets to 192.168.100.50 keep getting blocked. It should also be noted that I can ping hosts at 192.168.100.45 and 192.168.100.54. The blocking of 192.168.100.50 isn't showing up in the firewall logs from what I can see (I grab the logs using FileZilla and then do a search with Notepad++ for 192.168.100.50). When I disable packet filtering, I can ping and navigate to the web interface, so it's obviously a pf problem. What should I be investigating next? I've got the pfSense book, but it doesn't suggest any other means of troubleshooting.
Back in the day, I used to use a Cisco Ironport which was pretty terrible except it had this one cool feature where you could simulate a packet and it would show you what rules it applied to it.
For example, let's say I simulated a packet from 192.168.100.3 to 192.168.100.50.
It would tell me what rule it matched and what conditions caused this matching.
Does pfSense have something similar? Is this worthy of a feature request?
Let me know if you have any advice or what I should investigate next,
Is there any reason why traffic would be dropped and not be logged despite having logging enabled on all rules.
Is there anything in the floating rules?
Can you attach a packet capture from the LAN interface, taken when you are attempting to do a ping towards 192.168.100.50?
Are you sure that the ping isn't being blocked further upstream, or that this is an ARP issue or something similar?