Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    @5 block drop in log inet all label "Default deny rule IPv4"

    Firewalling
    3
    6
    9693
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      probie last edited by

      Greetings,

      I am running into this issue and can't seem to solve it.  After navigating through the forum, I can not find the solution.  Saw JimP suggestion to do the following but it did not help.
      <system>Advanced, Firewall/NAT Tab: Check "Bypass firewall rules for traffic on the same interface">

      Please help. My setting are: pfs2.1, 3 nic: WAN LAN2(172.17.17.0)/24, LAN1(172.19.19.0/20) with one static route.  I get it on both LAN interface.

      Thank you in advance.</system>

      1 Reply Last reply Reply Quote 0
      • M
        Matthias last edited by

        What exactly is your problem? Is traffic that you need to pass being blocked? You say you have 3 physical nics. The Bypass firewall rules for traffic on the same interface option shouldn't make a difference then. Where are you trying to get your traffic?

        1 Reply Last reply Reply Quote 0
        • johnpoz
          johnpoz LAYER 8 Global Moderator last edited by

          What is in the logs exactly?

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.05

          1 Reply Last reply Reply Quote 0
          • P
            probie last edited by

            Matthias/johnpoz

            I get a bunch of block message from the log saying IPs from subnet on LAN1 and LAN2 is being block to like port 80, 443, 993, and etc when there are no define rules to block them.


            1 Reply Last reply Reply Quote 0
            • johnpoz
              johnpoz LAYER 8 Global Moderator last edited by

              Those are common they are NOT syn.  I see them all the time as well from my son's phone mostly.

              https://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.05

              1 Reply Last reply Reply Quote 0
              • P
                probie last edited by

                Thanks johnpoz.  I was reading further in the forum and saw yours and jimp's posting on the same link under a different topic header.  I guess this is normal.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post