Netgate Discussion Forum

    @5 block drop in log inet all label "Default deny rule IPv4"

      probie

      Greetings,

      I am running into this issue and can't seem to solve it.  After navigating through the forum, I cannot find the solution.  Saw JimP's suggestion to do the following but it did not help.
      System > Advanced, Firewall/NAT tab: Check "Bypass firewall rules for traffic on the same interface"

      Please help. My settings are: pfs2.1, 3 NICs: WAN, LAN2 (172.17.17.0/24), LAN1 (172.19.19.0/20) with one static route.  I get it on both LAN interfaces.

      Thank you in advance.

        Matthias

        What exactly is your problem? Is traffic that you need to pass being blocked? You say you have 3 physical nics. The Bypass firewall rules for traffic on the same interface option shouldn't make a difference then. Where are you trying to get your traffic?

          johnpoz LAYER 8 Global Moderator

          What is in the logs exactly?

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

            probie

            Matthias/johnpoz

            I get a bunch of block messages from the log saying IPs from the subnets on LAN1 and LAN2 are being blocked to ports like 80, 443, 993, etc. when there are no defined rules to block them.

            blockrules.png

              johnpoz LAYER 8 Global Moderator

              Those are common; they are NOT SYN.  I see them all the time as well, from my son's phone mostly.

              https://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F

                probie

                Thanks johnpoz.  I was reading further in the forum and saw yours and jimp's posting on the same link under a different topic header.  I guess this is normal.
