    Block happening on interface and I can't figure out why

    • T
      Trel last edited by

      My logs show a number of blocks like this

      Date: May 10 11:05:51
      Interface: WIFI01
      Source: 176.16.2.102:57020
      Destination: <removed>:80  (non-lan)
      Type: TCP:FA

      It says the rule that's blocking it is the default block rule.

      However, I have a rule in place which is to allow Any protocol, WIFI01 source, any destination, so I'm not sure how there could possibly be an outbound block.

      • S
        SeventhSon last edited by

        Think you're running into this:
        http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F

        • T
          Trel last edited by

          @SeventhSon:

          Think you're running into this:
          http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F

          I think that might be it.  Is there an explicit block rule I can make so I can avoid it being logged?

          • S
            SeventhSon last edited by

            That would be the "Status: System logs: Settings: Log packets blocked by the default rule" option

            • T
              Trel last edited by

              @SeventhSon:

              That would be the "Status: System logs: Settings: Log packets blocked by the default rule" option

              No, not that.  I want to see packets blocked by the default rule.  I just want to set up an explicit deny for THIS case so I can not log it.  I still want to be notified of anything else.
              (I only have the any rule set up for debugging)

              • S
                SeventhSon last edited by

                I say you would still disable that and create an explicit deny at the end of your rules with logging, should work

                • T
                  Trel last edited by

                  @SeventhSon:

                  I say you would still disable that and create an explicit deny at the end of your rules with logging, should work

                  Looks like I was thinking backwards.
                  Thanks, I'll do that.
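
Added example, not part of any post in this thread: Python that separates default-rule blocks like the TCP:FA entry in the first post from blocked new connections, the distinction Trel wants to keep visible. The record layout follows the first post; the flag letters and the `flags S/SA` test for state-creating packets are assumptions based on pf's defaults, and the function names and sample destinations are hypothetical.

```python
import re

# Constructed sample in the first post's field layout; destinations are placeholders.
SAMPLE = """\
Date: May 10 11:05:51
Interface: WIFI01
Source: 176.16.2.102:57020
Destination: 203.0.113.10:80
Type: TCP:FA

Date: May 10 11:06:02
Interface: WIFI01
Source: 176.16.2.102:57031
Destination: 203.0.113.10:22
Type: TCP:S

Date: May 10 11:06:09
Interface: WIFI01
Source: 176.16.2.102:5353
Destination: 203.0.113.10:5353
Type: UDP
"""

def parse_entries(text):
    """Split blank-line-separated 'Key: value' records into dicts."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            key, _, value = line.partition(":")  # split on the first colon only
            fields[key.strip()] = value.strip()
        entries.append(fields)
    return entries

def classify(entry):
    """Label a default-rule block by what its TCP flags imply."""
    proto, _, flags = entry.get("Type", "").partition(":")
    if proto != "TCP":
        return "review"            # no TCP flags to reason about
    # Assumed pf default (flags S/SA): only SYN-without-ACK can create a state.
    if "S" in flags and "A" not in flags:
        return "new-connection"    # a rule really denied this attempt
    return "out-of-state"          # FA, RA, PA, A...: no state matched it

def triage(text):
    return [(e["Source"], e["Type"], classify(e)) for e in parse_entries(text)]

print("\n".join("  ".join(row) for row in triage(SAMPLE)))
```

Entries labelled `out-of-state` are the teardown noise discussed in the thread; `new-connection` and `review` entries are the ones still worth alerting on.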
