OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: JohnnyBeee on August 09, 2018, 08:40:21 am
-
I checked my firewall log and noticed the occasional entry for blocked connections from devices on my LAN to the internet or even to my DMZ due to the "Default deny rule".
Examples:
lan Aug 9 07:34:55 192.168.1.oo:23916 104.95.229.140:443 tcp Default deny rule
lan Aug 9 07:17:23 192.168.1.nn:57579 52.85.221.90:80 tcp Default deny rule
lan Aug 9 05:53:22 192.168.1.nn:52329 192.168.3.xx:80 tcp Default deny rule
I checked the connection from the LAN device 192.168.1.nn to the DMZ (192.168.3.xx:80) and it worked.
How can this default rule apply to those connections and not to all my connections?
Where can we check these default rules and possibly change them?
-
When the connections operate outside of the state tracking plausibility bounds, they will be terminated by the default rule. It can happen with loops, excessive retransmissions or asymmetric traffic.
You can turn off state tracking if this is relevant or inspect the involved networks / devices for network setup issues.
Cheers,
Franco
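An added example, not part of the original thread or of OPNsense: a small triage script that applies Franco's explanation to log lines of the shape quoted above. It replays each "Default deny rule" hit against a model of the intended pass rules; a deny that a pass rule would otherwise have matched cannot be a policy decision, so the only explanation left is a packet outside pf's state-tracking bounds (no matching state entry, implausible sequence numbers, asymmetric path). The log lines, the host addresses and the two-rule ruleset are constructed for the example; the real ruleset has to be transcribed from the firewall for the verdicts to mean anything.

```python
"""Triage OPNsense filter-log "Default deny rule" hits.

Added example (not from the thread or the project). Log format, addresses
and the ruleset model below are constructed.
"""
import ipaddress
import re
from dataclasses import dataclass

# Shape of the lines quoted in the thread:
# iface  Mon D HH:MM:SS  src:port  dst:port  proto  rule label
LOG_RE = re.compile(
    r"^(?P<iface>\S+)\s+(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2})\s+"
    r"(?P<time>\d\d:\d\d:\d\d)\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<proto>\w+)\s+(?P<rule>.+)$"
)


@dataclass(frozen=True)
class PassRule:
    """One pass rule: interface, source/destination networks, protocol, ports."""
    iface: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    proto: str
    dports: tuple  # destination ports; empty tuple means any port

    def matches(self, iface, src, dst, proto, dport):
        return (self.iface == iface and self.proto == proto
                and src in self.src and dst in self.dst
                and (not self.dports or dport in self.dports))


# Constructed stand-in for the LAN pass rules implied by the thread:
# LAN -> anywhere on 80/443, and LAN -> DMZ (192.168.3.0/24) on 80.
RULESET = [
    PassRule("lan", ipaddress.ip_network("192.168.1.0/24"),
             ipaddress.ip_network("0.0.0.0/0"), "tcp", (80, 443)),
    PassRule("lan", ipaddress.ip_network("192.168.1.0/24"),
             ipaddress.ip_network("192.168.3.0/24"), "tcp", (80,)),
]


def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    d = m.groupdict()
    return {
        "iface": d["iface"],
        "src": ipaddress.ip_address(d["src"]),
        "sport": int(d["sport"]),
        "dst": ipaddress.ip_address(d["dst"]),
        "dport": int(d["dport"]),
        "proto": d["proto"].lower(),
        "rule": d["rule"].strip(),
    }


def classify(entry, ruleset):
    """Return 'explicit-rule', 'policy-deny' or 'state-drop' for one entry.

    A default-deny hit whose 5-tuple a pass rule covers must have been a
    packet with no usable state (the case Franco describes); one that no
    pass rule covers is an ordinary policy deny.
    """
    if entry["rule"] != "Default deny rule":
        return "explicit-rule"
    covered = any(r.matches(entry["iface"], entry["src"], entry["dst"],
                            entry["proto"], entry["dport"]) for r in ruleset)
    return "state-drop" if covered else "policy-deny"


def triage(lines, ruleset=RULESET):
    """Return (line, verdict) pairs for every parseable log line."""
    out = []
    for line in lines:
        e = parse_line(line)
        if e is not None:
            out.append((line.strip(), classify(e, ruleset)))
    return out


# Constructed sample log in the same shape as the thread's lines.
SAMPLE_LOG = [
    "lan Aug 9 07:34:55 192.168.1.20:23916 104.95.229.140:443 tcp Default deny rule",
    "lan Aug 9 07:17:23 192.168.1.30:57579 52.85.221.90:80 tcp Default deny rule",
    "lan Aug 9 05:53:22 192.168.1.30:52329 192.168.3.10:80 tcp Default deny rule",
    "lan Aug 9 05:54:01 192.168.1.30:52330 192.168.3.10:22 tcp Default deny rule",
]

if __name__ == "__main__":
    for line, verdict in triage(SAMPLE_LOG):
        print(f"{verdict:12s} {line}")
```

The first three sample lines come back as state-drop (they mirror the thread's permitted-but-blocked connections), the fourth as policy-deny (port 22 to the DMZ, which no modeled rule allows). The verdict is only as good as the ruleset model: a pass rule you forget to transcribe turns a real state drop into a false "policy-deny", and vice versa, so check the list against Firewall: Rules before trusting a batch of verdicts.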
-
Thank you.
How do I turn off state tracking?
-
In the pass rule that is supposed to pass your traffic, go to advanced settings and change state tracking to "none".
Cheers,
Franco