Netgate Discussion Forum

    Firewall Logging Fragments

      Nucleus

      OK… I did a bit of searching for this and found a doc, but would like to be clear.

      In my firewall log I see entries like this:

      IF: LAN
      Source: Internal IP
      Destination: External IP and either port 443 or 80
      Proto: TCP

      The log message is:
      @3 scrub on ovpns2 all fragment reassemble
      @3 block drop in log inet all label "Default deny rule IPv4"

      ovpns2 is my OpenVPN server listening on TCP port 443.
      WebGUI is on port 80 (internal only).

      The LAN interface has the default any any rule.

      The question is... If states were being dropped, shouldn't I see this originating on the WAN interface? The LAN interface should just be passing it... no? Also, why is my ovpns2 network port being listed here? Especially for traffic destined for port 80 - that really confuses me.

      I would really appreciate it if someone could explain this to me - and recommend the best way to remove it from my logs.

      Thank you for any help!
