4. Private IP RFC1918 packets allowed to leak out

Private IP RFC1918 packets allowed to leak out

  • F

    I stumbled upon this thinking I was scanning my own network only to find my scan was run against someones cisco far far away.  My LAN uses a /24 network from the 10/8 range.  I scanned a single IP address with only the 3rd octet different.  (Not in my network but close.)

    The scan went out through my pfsense firewall and discovered someone elses router.  I traceroute it and its 5 hops away, through my ISP.

    Anyway, I still have the 2 default rules in my firewall set blocking private IP space.  Any idea how these packets got out?

    0
  • C

    Wow, your ISP shouldn't route RFC1918 space anywhere. Apparently they use it inside their network, likely one of their routers you were hitting.

    The block private networks only applies to the WAN interface, only for traffic initiated outside. If you want to keep RFC1918 packets from going out, put deny rules on your LAN as well.

    WAN rules, and the block private networks feature only apply to traffic initiated from the Internet. This traffic was initiated from your LAN, and your LAN rules allowed it.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy