4. Pf blocking openvpn UDP requests on bridge0

Pf blocking openvpn UDP requests on bridge0

  • D

    So I've been swearing at PF ever since I tried bridging my LAN to my openvpn segment. I didn't understand as no firewall rules were defined and all traffic was allowed to flow freely between LAN, openvpn and bridge interfaces (I only have one rule defined according to the webgui which allows everything to everywhere).

    Now I couldn't seem to ping from my LAN to VPN segment, but it worked vice versa. In the end I just did a pflog and noted the following entries while I was running ICMP:

    00:00:00.999932 rule 3/0(match): block in on bridge0: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
    10.25.24.1 > 10.25.255.12: ICMP echo request, id 31704, seq 3, length 64
00:00:01.000033 rule 3/0(match): block in on bridge0: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
    10.25.24.1 > 10.25.255.12: ICMP echo request, id 31704, seq 4, length 64
00:00:01.000173 rule 3/0(match): block in on bridge0: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
    10.25.24.1 > 10.25.255.12: ICMP echo request, id 31704, seq 5, length 64

    But I have no rules defined for bridge0 except allow any to any, so I'm a bit flabbergasted that the traffic gets blocked on the bridge. Can anyone clarify if this is a bug or if missed a setting somewhere?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy