OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: dcol on February 19, 2018, 07:25:38 pm
-
I have a rule that should pass traffic logged in the firewall.
Can anyone explain why this rule is not working? (See pics)
LAN2.net is 192.168.10.1/24
-
Try and see if replacing LAN2 net with CIDR solves the issue. (Encountered that for VPN interface FW rules; it works only with CIDR.)
-
Tried the CIDR. Haven't seen that log entry since. So if that was it, then there must be an issue with the LAN2.net assignment. I am not using VLANs.
But then again, I can't tell if these were real blocks or bad TCP flag blocks. We really need to see the TCP flags on firewall log entries. These logs are very confusing without it.
-
This will help the live log a bit (TCP flags in details), part of the upcoming 18.1.3:
https://github.com/opnsense/core/commit/dddfef4a
# opnsense-patch dddfef4a
More coming soon...
Cheers,
Franco
-
Thanks. Definitely a big help identifying those packets.
I would like to see the tcpflags in the actual live view also.
-
Yes, that's what https://github.com/opnsense/core/issues/2195 is for soon. If a column is visible, the filtering for it also works. :)