Author Topic: Rules question (Read 1941 times)

dcol · « **on:** February 19, 2018, 07:25:38 pm »

I have a rule that should pass traffic logged in the firewall.
Can anyone explain why this rule is not working? (See pics)
LAN2.net is 192.168.10.1/24

hutiucip · « **Reply #1 on:** February 19, 2018, 08:02:32 pm »

Try and see if replacing LAN2 net with CIDR solves the issue. (Encountered that for VPN interface FW rules, it works only with CIDR)

dcol · « **Reply #2 on:** February 19, 2018, 08:57:50 pm »

Tried the CIDR. Haven't seen that log entry since. So if that was it, then there must be an issue with the LAN2.net assignment. I am not using VLAN's.

But then again, I can't tell if these were real blocks or bad TCP flag blocks. We really need to see the TCP flags on firewall log entries. These logs are very confusing without it.

franco · « **Reply #3 on:** February 28, 2018, 08:16:19 am »

This will help the live log a bit (TCP flags in details), part of the upcoming 18.1.3:

https://github.com/opnsense/core/commit/dddfef4a

# opnsense-patch dddfef4a

More coming soon...

Cheers,
Franco

dcol · « **Reply #4 on:** February 28, 2018, 03:02:54 pm »

Thanks. Definitely a big help identifying those packets.
I would like to see the tcpflags in the actual live view also.

franco · « **Reply #5 on:** February 28, 2018, 03:22:28 pm »

Yes, that's what https://github.com/opnsense/core/issues/2195 is for soon. If a column is visible, the filtering for it also works.

Author Topic: Rules question (Read 1941 times)

dcol

Rules question

hutiucip

Re: Rules question

dcol

Re: Rules question

franco

Re: Rules question

dcol

Re: Rules question

franco

Re: Rules question