Firewall LAN rule issue



  • Hi,

    Scenario: I'm using pfSense 2.1. After I installed pfSense, in the firewall LAN rule section there are two default auto-generated rules created after installation of pfSense.
    I have also attached a screenshot of this.

    Problem: I'm using DNS lookup for resolving the hostname & creating an alias for that host & adding a rule in firewall LAN, i.e. in Block state. All is working fine. I did this several times, it works perfectly/fine.
    Under firewall *LAN rule section, under PORT, DESTINATION it shows _ this thing. When I move the cursor on the tooltip it shows NULL. After that pfSense is not providing internet to any machine.
    I have faced this problem several times, and there is no option to solve it. The only remaining option is to format pfSense & reinstall it. I know this is not the right way to solve any problem but there is no option in front of me….

    Help me resolve this & what was the cause??




  • Hello All,

    Does anyone have a solution for this? Please help me get out of this thing.



  • Don't know what you're asking. The screenshot looks like a standard, out-of-the-box LAN rule. So you say you just have to hover your mouse over one of the wildcard symbols ('*'), and it breaks your connection? If that's so I'd be inclined to think you have a problem with your installation - possibly a corrupt install? Having said that, it might just as easily be a dodgy ISP line and the mouse action you're referring to may have nothing to do with the problem at all. I'd be inclined to do a re-install - judging from your screenshot, it doesn't look like you have anything other than a standard installation here anyway, unless you have some custom WAN rules going on. In which case, back up your config, install a newer version (2.3) and re-import your rules.


  • LAYER 8 Global Moderator

    Why do people continue to use such old versions, 2.1??

    That came out in 2013.. Even if he was using 2.1.5 it's listed as "No longer supported". So I would suggest you install current, and then ask for help if having issues.



  • @ashi_220:

    Hello All,

    Does anyone have a solution for this? Please help me get out of this thing.

    @muswellhillbilly:

    Don't know what you're asking. The screenshot looks like a standard, out-of-the-box LAN rule. So you say you just have to hover your mouse over one of the wildcard symbols ('*'), and it breaks your connection? If that's so I'd be inclined to think you have a problem with your installation - possibly a corrupt install? Having said that, it might just as easily be a dodgy ISP line and the mouse action you're referring to may have nothing to do with the problem at all. I'd be inclined to do a re-install - judging from your screenshot, it doesn't look like you have anything other than a standard installation here anyway, unless you have some custom WAN rules going on. In which case, back up your config, install a newer version (2.3) and re-import your rules.

    I have installed my pfSense correctly so many times. I'm not saying that when I move the cursor over the wildcard symbol it loses internet connectivity.
    The thing is that when I use DNS lookup to resolve a hostname & create an alias & also create a LAN (Block) rule for that same alias to block that particular hostname, then there is random behaviour: once, under the LAN rule section, when the cursor moves to the wildcard symbol ('*'), it shows me NULL as the tooltip. After this, machines connected to pfSense are not able to get internet or lose internet connectivity.
    I'm not using any custom WAN rule..


  • LAYER 8 Netgate

    What packages are you guys having problems running?


  • LAYER 8 Global Moderator

    Huh… So you create a block rule

    "so create LAN(Block) rule for that same alias to block that particular hostname"

    And then you wonder why this client can not get internet?

    "After this connected machine to pfsense not able to get internet"

    Huh??  That is exactly what you would expect if you block the client via a block rule..  What did you think was going to happen when you block a client??

    Are you saying when your aliases fail to resolve the names in the aliases, then all internet stops?  Sounds like your dns stopped to me..  So yeah if you are trying to resolve some hostname and dns is not working you wouldn't be able to resolve them.  If dns is not working, then yeah internet no worky either ;)



  • @johnpoz:

    Huh… So you create a block rule

    "so create LAN(Block) rule for that same alias to block that particular hostname"

    And then you wonder why this client can not get internet?

    "After this connected machine to pfsense not able to get internet"

    Huh??  That is exactly what you would expect if you block the client via a block rule..  What did you think was going to happen when you block a client??

    Are you saying when your aliases fail to resolve the names in the aliases, then all internet stops?  Sounds like your dns stopped to me..  So yeah if you are trying to resolve some hostname and dns is not working you wouldn't be able to resolve them.  If dns is not working, then yeah internet no worky either ;)

    Yeah, you got exactly what I'm trying to say…:)
    But when I create a LAN (Block) rule for the same alias that was created from DNS lookup, I expect that when I implement this type of thing the client is not able to open that particular hostname & is still able to get internet; they are able to access all hostnames except that one, but that particular host should not be resolved or opened at the client side.
    I'm not blocking any client IP, only blocking a particular hostname (e.g. www.abc123.com).
    Evenly DNS failed to stop then internet is available at all client machines, then the hostname is also resolvable at the client machine. But in the LAN rule under the wildcard symbol() we get (_) also & it shows NULL to me. That's the point when, due to this (_ ), the client machines & also pfSense lose internet connectivity.

