Topics

1

18.7 Legacy Series / android adb rules firing inconsistently

« on: November 19, 2018, 12:29:53 am »

my first time working with android adb and i can't figure out why the LAN firewall rule to port 5555 is firing inconsistently.  the 2.220 host (tinkerboard) is behind a gateway (ddwrt).  any ideas why the second and third packets below would skip the rule entirely?

Code: [Select]

$ ifconfig | grep inet
inet 192.168.1.232 netmask 0xffffff00 broadcast 192.168.1.255
$ adb connect 192.168.2.220         
failed to connect to 192.168.2.220:5555
$ ping 192.168.2.220
PING 192.168.2.220 (192.168.2.220): 56 data bytes
64 bytes from 192.168.2.220: icmp_seq=0 ttl=63 time=10.513 ms
64 bytes from 192.168.2.220: icmp_seq=1 ttl=63 time=8.080 ms


__timestamp__	11/18/18 17:55:54	11/18/18 17:55:54	11/18/18 17:55:53
ack		190817746	190817746
action	[pass]	[block]	[block]
anchorname
datalen	0	0	0
dir	[in]	[in]	[in]
dst	192.168.2.220	192.168.2.220	192.168.2.220
dstport	5555	5555	5555
ecn
id	0	0	5636
interface	igb2	igb2	igb2
ipflags	DF	DF	none
label	USER_RULE: allow LAN to tinkerboard	USER_RULE: default block IPv4 LAN	USER_RULE: default block IPv4 LAN
length	64	40	40
offset	0	0	0
proto	6	6	6
protoname	tcp	tcp	tcp
reason	match	match	match
ridentifier	0	0	0
rulenr	122	124	124
seq	3901304184	3330648330
src	192.168.1.232	192.168.1.232	192.168.1.232
srcport	49965	49910	49910
subrulenr
tcpflags	S	RA	A
tcpopts
tos	0x0	0x0	0x0
ttl	64	64	64
urp	65535	2058	2058
version	4	4	4

2

General Discussion / firewall aliases in live view?

« on: November 15, 2018, 02:13:24 pm »

hello i think i remember reading about alias enhancements in one of the recent releases ..

is there some way to translate ip addresses back to aliases or local domain names in the Firewall: Log Files: Live View?

or can i set up remote logging to do this somehow?

3

18.7 Legacy Series / openvpn client disconnects

« on: September 29, 2018, 06:59:10 pm »

hello i am trying to replace a ddwrt/atheros router with opnsense/esxi/x86.   to provide openvpn client to nordvpn.  i followed these pfsense configuration instructions (https://nordvpn.com/tutorials/pfsense/pfsense-openvpn/) as closely as possible.  the openvpn client connects but then disconnects .. any advice what i can try?


compression: enabled without adaptive

advanced options:

Code: [Select]

vtls-client;
remote-random;
tun-mtu 1500;
tun-mtu-extra 32;
mssfix 1450;
persist-key;
persist-tun;
reneg-sec 0;
remote-cert-tls server;
auth-retry nointeract;


Code: [Select]

Sep 29 12:44:41 openvpn[49048]: MANAGEMENT: Client disconnected
Sep 29 12:44:41 openvpn[49048]: MANAGEMENT: CMD 'status 2'
Sep 29 12:44:41 openvpn[49048]: MANAGEMENT: CMD 'state all'
Sep 29 12:44:41 openvpn[49048]: MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Sep 29 12:44:31 openvpn[49048]: Initialization Sequence Completed

 

4

General Discussion / [SOLVED] Firewall: Log Files: Live View

« on: September 10, 2018, 03:45:21 pm »

hello is it possible to change the defaults (25, auto refresh) for the live view? thank you

5

18.7 Legacy Series / openvpn vs ipsec ikev2

« on: August 30, 2018, 12:10:03 am »

hello - i am planning a new build of 18.7 on a qotom-Q375G4  (Intel Core i7 5500U incl AES-NI, 8GB RAM).  for vpn client should i use openvpn or ipsec ikev2? will opnsense support one protocol better than the other?  which will provide better throughput?  thanks