1
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
« on: January 06, 2024, 11:20:19 pm »
Sounds good. I'll disable them. Thank you doktornotor and cookiemonster for your help.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
« on: January 06, 2024, 09:40:35 pm »
Is the logging for every automatically generated rule (a count of 18+ rules) controlled by those two settings?
Log packets matched from the default block rules put in the ruleset
Log packets matched from the default pass rules put in the ruleset
Log packets matched from the default block rules put in the ruleset
Log packets matched from the default pass rules put in the ruleset
3
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
« on: January 02, 2024, 11:37:24 pm »
It would be good for me to know what's getting blocked where the source and destination are not internal. For example, LAN to WAN and WAN to LAN blocked packets would be good to log. Is this possible?
4
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
« on: January 02, 2024, 09:12:36 pm »
I believe I found the setting (see link below) related to this rule. I wonder if disabling this option will have an adverse effect, preventing useful blocked entries from being recorded?
https://imgur.com/a/1cl64HG
https://imgur.com/a/1cl64HG
5
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
« on: January 02, 2024, 08:59:50 pm »
Is this an automatically generated rule? If so, it does not appear I can edit it.
https://imgur.com/a/2hudnTu
https://imgur.com/a/2hudnTu
6
23.7 Legacy Series / [SOLVED] OPNsense is logging many deny entries internally
« on: January 02, 2024, 03:57:29 am »
I'm noticing many log entries denying traffic between my Home Assistant VM (192.168.86.26) and Google Home Mini devices (192.168.84.110 and 192.168.84.100):
The amount of log entries related are in the thousands in just the last couple of days. I am not sure what's causing this, moreover it's making it a bit difficult to analyze the logs for blocked traffic.
Do you know what's causing this traffic to be blocked? If this is something that can be ignored, is it possible to prevent the rule from triggering and/or logging?
Code: [Select]
<134>1 2024-01-01T21:34:46-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283486"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4470,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:46-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283487"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4471,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:47-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283488"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4472,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:47-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283490"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4473,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:48-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283491"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4474,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:50-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283494"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4475,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:53-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283506"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4476,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:56-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283512"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4477,0,DF,6,tcp,307,192.168.86.26,192.168.84.110,38328,8009,255,FPA,2383448366:2383448621,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:59-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283529"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4478,0,DF,6,tcp,435,192.168.86.26,192.168.84.110,38328,8009,383,FPA,2383448238:2383448621,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:35:12-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283612"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4479,0,DF,6,tcp,435,192.168.86.26,192.168.84.110,38328,8009,383,FPA,2383448238:2383448621,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:35:21-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283643"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4480,0,DF,6,tcp,52,192.168.86.26,192.168.84.110,38328,8009,0,A,,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:35:39-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283674"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4481,0,DF,6,tcp,435,192.168.86.26,192.168.84.110,38328,8009,383,FPA,2383448238:2383448621,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:36:07-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283725"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4482,0,DF,6,tcp,52,192.168.86.26,192.168.84.110,38328,8009,0,A,,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:36:11-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283732"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.100,42176,8009,0,R,1183885780,,0,,
<134>1 2024-01-01T21:36:51-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283859"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,
<134>1 2024-01-01T21:37:36-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283965"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,
<134>1 2024-01-01T21:38:13-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="284062"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.100,42176,8009,0,R,1183885780,,0,,
<134>1 2024-01-01T21:38:22-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="284095"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,
<134>1 2024-01-01T21:39:06-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="284217"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,
<134>1 2024-01-01T21:39:52-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="284308"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,The amount of log entries related are in the thousands in just the last couple of days. I am not sure what's causing this, moreover it's making it a bit difficult to analyze the logs for blocked traffic.
Do you know what's causing this traffic to be blocked? If this is something that can be ignored, is it possible to prevent the rule from triggering and/or logging?
Pages: [1]