Scratch head bleeding for LAN port 443
-
Hi all, where/what have I missed in rule creation to allow all LAN to do whatever without getting blocked (this is a home network)? Any help pointing me in the right direction is much appreciated. Thanks in advance.
I'm using pfSense-2.0.1-RELEASE-4g-i386-nanobsd_vga.img
- attaching images of faults
- my BogusLAN alias are: 172.16.0.0/16, 10.0.0.0/8
-
According to the pic you are blocking access from 172.16.0.0/16 and 10.0.0.0/8. We are unsure what subnet LAN actually is so we cannot speculate on why 192.168.0.0/24 is being blocked. What is the LAN IP address and its subnet address?
-
According to the pic you are blocking access from 172.16.0.0/16 and 10.0.0.0/8. We are unsure what subnet LAN actually is so we cannot speculate on why 192.168.0.0/24 is being blocked. What is the LAN IP address and its subnet address?
192.168.0.0/24
-
Those packets are all FIN, FIN/ACK, FIN/PSH/ACK… in other words, they're tearing down connections, they aren't part of an active connection.
If the state is removed before the server fully closes the connection that can happen.
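
An added example, not part of the original post and not pf's own code: a toy stateful filter showing why a late FIN/ACK is blocked and logged even with an "allow LAN to any" rule. It assumes the pass rule creates state only for a connection-opening SYN (as pf's default `flags S/SA keep state` does); the class, timeouts, endpoints and trace are all constructed.

```python
from dataclasses import dataclass, field

@dataclass
class ToyFilter:
    established_ttl: int = 3600   # constructed value (seconds)
    closing_ttl: int = 30         # constructed value (seconds once a FIN is seen)
    states: dict = field(default_factory=dict)   # flow -> (expiry, closing)

    def handle(self, now, iface, src, dst, flags):
        flow = frozenset((src, dst))              # one state covers both directions
        expiry, closing = self.states.get(flow, (None, False))
        if expiry is not None and now >= expiry:
            del self.states[flow]                 # state timed out and was removed
            expiry = None
        if expiry is not None:
            closing = closing or "F" in flags
            ttl = self.closing_ttl if closing else self.established_ttl
            self.states[flow] = (now + ttl, closing)
            return "pass (state)"
        # No state: evaluate rules. The modeled "allow LAN to any" rule creates
        # TCP state only for a connection-opening packet (SYN set, ACK clear).
        if iface == "LAN" and "S" in flags and "A" not in flags:
            self.states[flow] = (now + self.established_ttl, False)
            return "pass (rule)"
        return "block (default deny)"

CLIENT, SERVER = "192.168.0.10:50000", "203.0.113.5:443"   # constructed endpoints

# Constructed trace: (time in seconds, interface, src, dst, TCP flags)
TRACE = [
    (0,   "LAN", CLIENT, SERVER, "S"),
    (0,   "WAN", SERVER, CLIENT, "SA"),
    (1,   "LAN", CLIENT, SERVER, "A"),
    (5,   "WAN", SERVER, CLIENT, "FA"),   # server starts closing
    (5,   "LAN", CLIENT, SERVER, "A"),
    (120, "LAN", CLIENT, SERVER, "FA"),   # client sends its FIN long after
]

def replay(trace=TRACE, **kw):
    """Run the trace through a fresh filter and return one verdict per packet."""
    fw = ToyFilter(**kw)
    return [fw.handle(*pkt) for pkt in trace]

if __name__ == "__main__":
    for pkt, verdict in zip(TRACE, replay()):
        print(pkt, "->", verdict)
```

With a longer `closing_ttl` the same final packet still finds its state and passes, which is why shorter state timeouts produce more of these log entries.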
-
What jimp said … ;)
But are you able to get out to the internet?
-
What jimp said … ;)
But are you able to get out to the internet?
Yea, all works except the firewall log page is flooded with LAN 443 blocked items. I guess I can't do anything about it then. I hope there would be a pre-filtering option for what to show in the firewall log page, like display only WAN items.
-
Do you have aggressive state management enabled?
-
I would look to the machines on why they are creating the traffic, that 69 address is facebook related
api-read-slb-11-01-prn1.facebook.com
and 74 is la-in-f103.1e100.net, 1e100.net is google
You prob got some people running some facebook or google chat googledrive grap, etc.
-
I would look to the machines on why they are creating the traffic, that 69 address is facebook related
api-read-slb-11-01-prn1.facebook.com
and 74 is la-in-f103.1e100.net, 1e100.net is google
You prob got some people running some facebook or google chat googledrive grap, etc.
This household has Android phones with Facebook and Google stuff running all the time. But still, it's on LAN. It should matter, right?
-
It shouldn't matter? Well, it seems to matter to you - why did you bring it up?
I see weird traffic from my son's laptop every now and then if it bounces on and off wireless, or I kill the internet connection and then bring it back.
If you're seeing a constant flood I would look into why.
-
It shouldn't matter? Well, it seems to matter to you - why did you bring it up?
I meant, if I define allow LAN to all, then the firewall should ignore whatever is going on on the LAN interface. Logging/blocking should totally ignore it.