Firewall log

shuhdonk · Dec 5, 2015, 8:21 AM

Why does my firewall log have so many entries? This normal?

I have been having random disconnect issues, when this happens I cannot even bring up the pfsense web interface until it resolves whatever it is that happened and the internet comes back.


Last 50 firewall log entries.Max(50)
Act	Time	If	Source	Destination	Proto
 block/1000000103
Dec 4 18:02:19	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:45091	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.197:443	TCP:PA
 block/1000000103
Dec 4 18:02:19	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:45091	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.197:443	TCP:PA
 block/1000000103
Dec 4 18:02:19	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:45091	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.197:443	TCP:FA
 block/1000000103
Dec 4 18:02:19	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:45091	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.197:443	TCP:FPA
 block/1000000103
Dec 4 18:02:19	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:45091	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.197:443	TCP:FPA
 block/1000000103
Dec 4 18:02:20	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:45091	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.197:443	TCP:FPA
 block/1000000103
Dec 4 18:02:22	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:45091	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.197:443	TCP:FPA
 block/1000000103
Dec 4 18:02:25	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 54.225.104.92:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21739	UDP
 block/1000000103
Dec 4 18:02:25	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 107.22.253.43:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:43122	UDP
 block/1000000103
Dec 4 18:02:25	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.194:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:31118	UDP
 block/1000000103
Dec 4 18:02:25	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.132:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21977	UDP
 block/1000000101
Dec 4 18:02:48	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 169.254.11.68:49152	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 239.255.255.250:1900	UDP
 block/1000000101
Dec 4 18:02:48	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 169.254.11.68:49152	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 239.255.255.250:1900	UDP
 block/1000000101
Dec 4 18:02:48	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 169.254.11.68:49152	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 239.255.255.250:1900	UDP
 block/1000001581
Dec 4 18:02:49	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 10.180.64.1:67	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 255.255.255.255:68	UDP
 block/1000001581
Dec 4 18:02:49	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 10.180.64.1:67	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 255.255.255.255:68	UDP
 block/1000000103
Dec 4 18:02:51	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 212.83.148.113:57995	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:22	TCP:SEC
 block/1000000103
Dec 4 18:02:55	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 0.0.0.0	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 224.0.0.1	IGMP
 block/1000000103
Dec 4 18:03:04	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.132:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21977	UDP
 block/1000000103
Dec 4 18:03:04	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 107.22.253.43:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:43122	UDP
 block/1000000103
Dec 4 18:03:04	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 54.225.104.92:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21739	UDP
 block/1000000103
Dec 4 18:03:04	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.194:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:31118	UDP
 block/1000000103
Dec 4 18:03:06	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:48419	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 52.84.0.180:80	TCP:FA
 block/1000000101
Dec 4 18:03:33	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 169.254.11.68:49152	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 239.255.255.250:1900	UDP
 block/1000000103
Dec 4 18:03:44	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 54.225.104.92:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21739	UDP
 block/1000000103
Dec 4 18:03:44	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.132:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21977	UDP
 block/1000000103
Dec 4 18:03:44	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.194:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:31118	UDP
 block/1000000103
Dec 4 18:03:44	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 107.22.253.43:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:43122	UDP
 block/1000000103
Dec 4 18:04:02	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 216.58.216.195:443	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:18527	TCP:PA
 block/1000000103
Dec 4 18:04:02	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 216.58.216.195:443	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:18527	TCP:FA
 block/1000000103
Dec 4 18:04:02	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 216.58.216.195:443	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:18527	TCP:FA
 block/1000000103
Dec 4 18:04:02	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 216.58.216.195:443	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:18527	TCP:PA
 block/1000000103
Dec 4 18:04:03	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 216.58.216.195:443	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:18527	TCP:PA
 block/1000000103
Dec 4 18:04:04	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 216.58.216.195:443	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:18527	TCP:PA
 block/1000000103
Dec 4 18:04:05	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 216.58.216.195:443	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:18527	TCP:PA
 block/1000000101
Dec 4 18:04:22	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 169.254.11.68:49152	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 239.255.255.250:1900	UDP
 block/1000000103
Dec 4 18:04:23	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 107.22.253.43:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:43122	UDP
 block/1000000103
Dec 4 18:04:23	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 54.225.104.92:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21739	UDP
 block/1000000103
Dec 4 18:04:23	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.132:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21977	UDP
 block/1000000103
Dec 4 18:04:23	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.194:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:31118	UDP
 block/1000000101
Dec 4 18:04:29	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 169.254.11.68:49152	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 239.255.255.250:1900	UDP
 block/1000000101
Dec 4 18:04:43	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 169.254.11.68:49152	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 239.255.255.250:1900	UDP
 block/1000000103
Dec 4 18:04:46	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:46778	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.206:443	TCP:PA
 block/1000000103
Dec 4 18:04:47	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:45091	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.197:443	TCP:FPA
 block/1000000103
Dec 4 18:04:47	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 192.168.1.27:46778	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 216.58.216.206:443	TCP:PA
 block/1000000103
Dec 4 18:05:00	LAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 0.0.0.0	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 224.0.0.1	IGMP
 block/1000000103
Dec 4 18:05:02	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.132:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21977	UDP
 block/1000000103
Dec 4 18:05:02	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 184.73.152.194:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:31118	UDP
 block/1000000103
Dec 4 18:05:02	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 107.22.253.43:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:43122	UDP
 block/1000000103
Dec 4 18:05:02	WAN	Icon Reverse Resolve with DNS  Icon Easy Rule: Add to Block List 54.225.104.92:31431	Icon Reverse Resolve with DNS  Icon Easy Rule: Pass this traffic 66.227.240.124:21739	UDP
Clear log

doktornotor · Dec 4, 2015, 11:47 PM

This shit is unreadable. There's the nifty feature to show which rule blocked what, and there's a nifty feature to show the rule descriptions in the GUI. Perhaps use it. And post some screenshot.

shuhdonk · Dec 5, 2015, 2:57 AM

@doktornotor:

This shit is unreadable. There's the nifty feature to show which rule blocked what, and there's a nifty feature to show the rule descriptions in the GUI. Perhaps use it. And post some screenshot.

Where is the nifty feature that shows which rule blocked what?

shuhdonk · Dec 5, 2015, 8:21 AM

here is a ss of the log.

KOM · Dec 6, 2015, 2:06 AM

The red X at the far left tells you the rule that blocked the traffic if you click on it. And yes, it's normal to have a lot of blocked traffic on WAN.