OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of zenjubo »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - zenjubo

Pages: [1]
1
23.1 Legacy Series / Re: Internet bound traffic blocked on LAN
« on: April 24, 2023, 06:32:02 pm »
I can give that a shot but the IPs that are matching and getting blocked by the implicit deny are part of LAN net. So not sure if changing this to "any" will have much of an effect. And besides, this is the default LAN rules out of the box.

Fundamentally, what is not making sense is the traffic clearly matches the existing "allow all from LAN net" rule and the "Quick" option is ticked. So that should be sufficient for it to "Pass". But for some weird reasons, the firewall does not think there is a match and so is processing down the rules list until it hits the final implicit deny.

I am assuming rule ID 4 is the implicit deny at the end of the rules.

I am not sure what the rest of the fields in the filterlog represent and if they could shed a light on why the firewall did not match to the "allow all from LAN net" rule.

2
23.1 Legacy Series / Internet bound traffic blocked on LAN
« on: April 22, 2023, 05:45:49 pm »
I have a very traditional firewall setup using latest 23.1.6. It is running on an old Dell optiplex with a quad NIC. No virtualization, no VLANs. Even most of the OPNsense settings are using basic defaults. Basically nothing fancy I think.

I am seeing and trying to understand why some of the internal traffic for the interneet is getting blocked on the LAN. Here is an example of a filterlog showing one such block.

4,,,02f4bab031b57d1e30553ce08e0ec131,em2,match,block,in,4,0x0,,128,49330,0,DF,6,tcp,40,192.168.47.33,104.95.45.223,55739,443,0,RA,215397605,3654958231,0,,

em2 is the LAN. 192.168.47.33 is my desktop from which I am posting this topic. So not all traffic is blocked, just some per filterlog.

Attaching what the rules look like for LAN. This is basically the default from OPNsense.

I am not an expert at all the parameters in the filterlog. Perhaps one of these params has the reason OPNsense decided to block this particular traffic. For example, I think the leading 4 indicates it was blocked by rule #4 but I have no idea what is rule #4.

Thanks and let me know if you need any other details.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2