Firewall all kinds of weird and spontaneous blocks on LAN
-
Why don't you change your rules back to default, and then show us some examples of what you're seeing on both WAN and LAN, and we can go over what you're seeing and if you want it to be logged or why it's logged or how to not log it, etc.
Well, it was relatively quiet for a while, but I am getting depressed once again :'(
I've taken your recommendation some time ago and disabled all rules so I had only the defaults. From there on, once I got all these 'noise-messages' you don't want to see I added them one by one to the firewall, so we can see what is happening. I consolidated some of them into an alias to keep the overview. Currently, also, since a couple of days, my logs are literally flooded with IPv6-messages, no clue why; it just suddenly started. Also, when you click on the red 'x' in the firewall log to see which rule it was, I think there are some bugs, as LAN-traffic according to the information from the red cross is blocked by a rule for VLAN40 ( :o).
I will post screenshots, and I will be in your debt once again if you could help me get rid of this, because not only is my log looking like a mess, so is my firewall rules screen.
Also, in the screen of the firewall, to my more than strange surprise, if I try to allow any * any * you will still see I had to add an any [port] any [port] rule to try to silence it. And then still sometimes it doesn't work :'(
I am going to add screenshots now.
-
IPv6 blocks on LAN (I edited part of the IPv6 address out since I suspect it to be my network MAC or something, since googling within "" didn't return any hits).
These started a couple of days ago (I have no clue what triggered that) and are literally flooding my logs.
![002 - IPv6 on LAN blocks.jpg](/public/imported_attachments/1/002 - IPv6 on LAN blocks.jpg)
-
Rule for VLAN40 is doing its thing on VLAN50 (?)
![003 - Rule for VLAN40 works on VLAN50.jpg](/public/imported_attachments/1/003 - Rule for VLAN40 works on VLAN50.jpg)
-
Attached also the firewall rules for that VLAN50; I don't see any 'VLAN40' in here, so no clue why the previous weird picture.
![003 - Rule for VLAN40 works on VLAN50 -2.jpg](/public/imported_attachments/1/003 - Rule for VLAN40 works on VLAN50 -2.jpg)
-
WAN2 (cable) blocked a private IP, but the destination is weird?
![005 - Bootpc on cable WAN.jpg](/public/imported_attachments/1/005 - Bootpc on cable WAN.jpg)
-
Bootpc is bogon?
![004 - Bootpc is bogon.jpg](/public/imported_attachments/1/004 - Bootpc is bogon.jpg)
-
NTP goes DNS.
![006 - NTP goes DNS.jpg](/public/imported_attachments/1/006 - NTP goes DNS.jpg)
-
And the VLAN40 rules for the previous picture.
![008 - VLAN40.jpg](/public/imported_attachments/1/008 - VLAN40.jpg)
-
Interfaces/WAN (VDSL).
![009 - Interfaces_WAN.jpg](/public/imported_attachments/1/009 - Interfaces_WAN.jpg)
-
Interfaces/WAN2 (cable)
![010 - Interfaces_WAN2.jpg](/public/imported_attachments/1/010 - Interfaces_WAN2.jpg)
-
Interfaces/LAN.
![011 - Intefaces - LAN.jpg](/public/imported_attachments/1/011 - Intefaces - LAN.jpg)
-
Interfaces/VLAN40.
![012 - Intefaces - VLAN40.jpg](/public/imported_attachments/1/012 - Intefaces - VLAN40.jpg)
-
Advanced/networking.
![013 - Advanced - Networking.jpg](/public/imported_attachments/1/013 - Advanced - Networking.jpg)
-
System log settings.
![014 - SystemLog - Settings.jpg](/public/imported_attachments/1/014 - SystemLog - Settings.jpg)
-
And, finally, the LAN rules in two parts (note the number of 'easy rules passed from firewall log view'. And even then they still aren't working, as the log is still flooded with IPv6 as shown in the first picture):
![007 - LAN-rules1.jpg](/public/imported_attachments/1/007 - LAN-rules1.jpg)
-
LAN rules part 2:
![007 - LAN-rules2.jpg](/public/imported_attachments/1/007 - LAN-rules2.jpg)
-
And finally, the multicast-alias in the LAN rules:
![015 - multicast alias.jpg](/public/imported_attachments/1/015 - multicast alias.jpg)
-
So I will be feeling hugely indebted to everybody who can help me solve this, that goes without saying :P
(because it is driving me crazy, this flooding of logs which I am trying to fight with the firewall rules every day :-[).
Thank you in advance very much (really :-*),
Bye ;D
-
EDIT: I forgot one screenshot from the general system log. Errors 'finding IPv6 gateway' (?) on both WAN and WAN2 (=opt4).
I should also add that I added this WAN2 a couple of days ago (I don't know exactly when anymore), and I also don't know if that is when the IPv6-flooding in the logs and the error in the attached picture began :-\
![016 - system log error.jpg](/public/imported_attachments/1/016 - system log error.jpg)
-
Cry. WIFE is angry with me now :-[
This is happening as I was busy with my failover WAN:
![017 - WIFE complains.jpg](/public/imported_attachments/1/017 - WIFE complains.jpg)