[Solved] Packet loss after entering WAN



  • I have a problem that has been driving me crazy for a few days:

    We host an MX relay for some domains but got a problem with reception from one important sender for our users. Rules work for everyone except them (as far as I know) and the "error" is quite strange: when a mail's first packet arrives from their MX, I can see it on the WAN interface using tcpdump with a filter on their IP, but I can't see any reply. If I check the firewall log, nothing seems to be blocked from this IP, but if I also use tcpdump on the LAN interface with their IP as filter, nothing goes out! It's as if the packet goes into pfSense but loses its way and doesn't go out :/

    I tried to check all logs, rules, … but I do not have any hint on where it's blocking or where it's getting lost. If somebody has an idea of something to test or check, it would help a lot.

    Tex



  • Sounds like you are using the pfBlocker package, and the sender's IP is on a blacklist of some sort.



  • Yep, I use pfBlocker and I was wondering if it was the problem, as I got something similar some time ago. So I already added the IP to a "whitelist" in pfBlocker that is on top of the rules, and I even tried to disable all pfBlocker rules on the WAN, but it did not work.
    I also have a floating rule allowing everyone on port 25 in both directions for the two interfaces with "apply immediately" on.



  • I have found the problem. The IP (their network) was listed in the Bogon Networks, and they are blocked on our WAN interface. It seems that the bogons have not been updated for some time compared to a newer firewall installation, even though the auto update was configured for monthly updates. BTW, they got their new network in June.
    So I first disabled the "block bogon" option, but soon after I ran "/etc/rc.update_bogons.sh 0".

    Solved :)
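To check offline whether a sender's address falls inside a bogon table like the one that silently dropped this sender's packets, here is an added example (not code from any poster or from pfSense). It assumes the table is a plain one-prefix-per-line file, as pfSense's bogon table is; the prefixes below are a constructed sample using documentation ranges, and the `/etc/bogons` path in the optional file mode is an assumption about the pfSense layout.

```python
import ipaddress
import sys
import time

# Constructed sample in the one-prefix-per-line format of a bogon table.
# A stale copy of the real table can still carry a prefix that a RIR has
# since allocated, which is exactly the failure described in this thread.
SAMPLE_BOGONS = """\
# comment lines and blank lines are ignored
0.0.0.0/8
10.0.0.0/8
100.64.0.0/10
127.0.0.0/8
169.254.0.0/16
172.16.0.0/12
192.0.2.0/24
192.168.0.0/16
198.18.0.0/15
203.0.113.0/24
"""


def parse_bogons(text):
    """Turn the table text into a list of ip_network objects (v4 or v6)."""
    nets = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if line:
            nets.append(ipaddress.ip_network(line, strict=False))
    return nets


def bogon_match(ip, nets):
    """Return the first bogon prefix containing ip, or None if it is clean."""
    addr = ipaddress.ip_address(ip)
    for net in nets:
        if addr.version == net.version and addr in net:
            return str(net)
    return None


if __name__ == "__main__":
    # Usage: python3 bogon_check.py <sender-ip> [/etc/bogons]
    # Without a file argument the constructed sample table is used.
    ip = sys.argv[1] if len(sys.argv) > 1 else "203.0.113.25"
    if len(sys.argv) > 2:
        with open(sys.argv[2]) as fh:
            table, age_days = fh.read(), (time.time() - __import__("os").path.getmtime(sys.argv[2])) / 86400
        print(f"table last updated {age_days:.0f} days ago")
    else:
        table = SAMPLE_BOGONS
    hit = bogon_match(ip, parse_bogons(table))
    print(f"{ip}: {'BLOCKED by bogon ' + hit if hit else 'not in bogon table'}")
```

A hit on an address that belongs to a legitimate sender means the table is stale and should be refreshed rather than the prefix whitelisted.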

