    My modem is appearing in my logs too often…

    • S
      smoothmove last edited by

      Hi folks, I have a modem which I have set up in bridged mode. My ISP feeds me via PPPoE. I can still access the modem's web server for config purposes via its own internal LAN IP, if I plug my laptop directly into one of the modem's LAN ports. I've set the address of the modem to 10.10.10.10… I cannot ping/access this IP from behind my firewall.

      What I am querying, is that this IP is appearing constantly in my firewall logs as being blocked from the WAN interface. Is it normal for my modem to be showing up so often in the logs? That's pretty much all I see!

      This is what my setup broadly looks like...

      Modem (Bridged 10.10.10.10) -----> pfsense LAN (10.11.11.11) -----> mini-switch ----->PCs (10.11.11.x)
                                                            pfsense OPT (10.11.12.11) -----> wireless AP (10.11.12.12)

      I hope I've presented all the relevant info - I'm in a hurry to get out so apologies if I've omitted anything important but I can post back from my mobile device if any other info is needed!

      Thanks for the help in advance everyone!

      • S
        smoothmove last edited by

        Was it something I said? Or indeed didn't say…? Hope someone can help. I've done some more searching but maybe I'm not using the right terms.

        • johnpoz
          johnpoz LAYER 8 Global Moderator last edited by

          And what kind of traffic are you seeing? What ports? If you have block private enabled, which is default, and your WAN sees traffic from RFC 1918 addresses, then yes, it will block and log.

          You can adjust the firewall rules to not log what you don't want to see in the logs, that ends up being just white noise, etc.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.05

          • S
            smoothmove last edited by

            Of Course! Cheers johnpoz! One question though if I may…?
            When I'm editing the 'block private networks' rule on the WAN interface, I cannot find the option to disable logging. I see the greyed out blue i icon but no way to activate it. I'm probably just being really stupid mind you...

            • johnpoz
              johnpoz LAYER 8 Global Moderator last edited by

              Turn that off, I believe it logs if you enable that built-in special rule.

              Here is the thing. Default WAN rule is to block all. So even if you turn off block private IPs - they are still blocked ;) unless you allow them with rules.

              If stuff gets logged by the default block rule that you don't want - create special block rules that would block that traffic, and then don't log it.

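An added example, not part of the thread: a triage sketch for the situation johnpoz describes, sorting blocked WAN entries into those an RFC 1918 source would hit under block private networks and those left to the default deny, then listing repeat sources that are candidates for a block rule with logging off. The record layout, `SAMPLE_LOG` and all function names are constructed for illustration and are not pfSense's log format.

```python
import ipaddress
from collections import Counter

# RFC 1918 private ranges: the sources the WAN "block private networks" rule drops.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample records in a simplified "iface,action,src,dst,proto,dport"
# layout (an assumption for this example, not real pfSense log output).
SAMPLE_LOG = """\
wan,block,10.10.10.10,255.255.255.255,udp,67
wan,block,10.10.10.10,224.0.0.1,igmp,0
wan,block,10.10.10.10,255.255.255.255,udp,67
wan,block,203.0.113.7,198.51.100.20,tcp,23
wan,block,10.10.10.10,255.255.255.255,udp,67
lan,pass,10.11.11.50,192.0.2.80,tcp,443
wan,block,192.168.100.1,255.255.255.255,udp,67
"""

def is_rfc1918(addr):
    """True if addr falls inside one of the three RFC 1918 ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def classify(line):
    """Name the WAN rule that would account for a block entry, else None."""
    iface, action, src, _dst, _proto, _dport = line.split(",")
    if iface != "wan" or action != "block":
        return None
    return "block-private" if is_rfc1918(src) else "default-deny"

def noise_report(log_text, threshold=3):
    """Count blocked WAN entries per rule and list repeat sources."""
    per_rule, per_src = Counter(), Counter()
    for line in filter(None, (l.strip() for l in log_text.splitlines())):
        rule = classify(line)
        if rule is None:
            continue
        per_rule[rule] += 1
        per_src[line.split(",")[2]] += 1
    # Sources seen at least `threshold` times are candidates for a
    # dedicated block rule with logging turned off.
    candidates = sorted(src for src, n in per_src.items() if n >= threshold)
    return dict(per_rule), candidates

if __name__ == "__main__":
    rules, quiet = noise_report(SAMPLE_LOG)
    print(rules)
    print("candidates for a no-log block rule:", quiet)
```
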
              • P
                phil.davis last edited by

                In 2.1 there are some new options in the Logs, Settings tab to allow you to choose if you want various default rules, or the block bogons and block private networks to log or not. Have a look there, I suspect some combination will be what you need.

                As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                • S
                  smoothmove last edited by

                  johnpoz/phil, thanks so much to you both for your help! I was going to create a custom rule but then I found the option in 'system logs>settings' to NOT log packets blocked by 'Block Private Networks' rules and that seems to have done what I'm after!

                  Cheers guys! Great help!
