1. Home
  2. pfSense® Software
  3. Firewalling
  4. Private IP RFC1918 packets allowed to leak out

Private IP RFC1918 packets allowed to leak out

  • F

    I stumbled upon this thinking I was scanning my own network only to find my scan was run against someones cisco far far away.  My LAN uses a /24 network from the 10/8 range.  I scanned a single IP address with only the 3rd octet different.  (Not in my network but close.)

    The scan went out through my pfsense firewall and discovered someone elses router.  I traceroute it and its 5 hops away, through my ISP.

    Anyway, I still have the 2 default rules in my firewall set blocking private IP space.  Any idea how these packets got out?

    0
  • C

    Wow, your ISP shouldn't route RFC1918 space anywhere. Apparently they use it inside their network, likely one of their routers you were hitting.

    The block private networks only applies to the WAN interface, only for traffic initiated outside. If you want to keep RFC1918 packets from going out, put deny rules on your LAN as well.

    WAN rules, and the block private networks feature only apply to traffic initiated from the Internet. This traffic was initiated from your LAN, and your LAN rules allowed it.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy