Topic: unexpected "rdr rules" in the firewall log (Read 9412 times)
JohnnyBeee
Jr. Member
Posts: 68
Karma: 0
unexpected "rdr rules" in the firewall log
« on: August 27, 2020, 02:31:47 pm »
OPNsense 20.7.1-amd64
FreeBSD 12.1-RELEASE-p8-HBSD
OpenSSL 1.1.1g 21 Apr 2020
Hi.
I have NAT forwarding for port 25 to my email server on the DMZ.
On the WAN interface I have a few rules that forbid connections from certain countries and after that a rule that allows connections from everywhere to my email server.
Now this strange thing happens:
When I activate logging for the blocking rules then they show as expected in the firewall as blocking access.
But when I deactivate logging they show with a label "rdr rule" in the firewall log.
Interface Time Source Destination Proto Label
wan Aug 27 14:22:25 193.169.254.107:56236 192.168.0.10:25 tcp rdr rule
The blocking works but these rules show up in the firewall log although I do not want to see them there.
Any ideas why those rules might show up as "rdr rules" in the FW log and how to not see those rules in the log?
Thanks.
Logged
JohnnyBeee
Jr. Member
Posts: 68
Karma: 0
Re: unexpected "rdr rules" in the firewall log
« Reply #1 on: August 28, 2020, 07:45:13 am »
No one? No ideas? Not a hint? Is this a completely unknown subject? Or can nobody be bothered?
If this is unknown I am starting to worry...
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: unexpected "rdr rules" in the firewall log
« Reply #2 on: August 28, 2020, 08:12:04 am »
Did you enable logging on the port forward rule?
Logged
JohnnyBeee
Jr. Member
Posts: 68
Karma: 0
Re: unexpected "rdr rules" in the firewall log
« Reply #3 on: August 28, 2020, 10:05:46 am »
Hmmm, you got me twice in a day
Logging was activated on the port forward rule. That was it.
It has possibly crept back in when I de-associated the firewall rule.
But why does the rdr rule not show in the logs when a non-associated firewall rule has logging activated?
Thanks for your help
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: unexpected "rdr rules" in the firewall log
« Reply #4 on: August 28, 2020, 05:44:30 pm »
I'm not a pflog guru, but it looks like pflog logs a packet once. So if fw rule logging is enabled, it "overwrites" the rdr record.
And when you remove "log" from the fw rule, it starts to write the log from the rdr rule.
Logged
JohnnyBeee
Jr. Member
Posts: 68
Karma: 0
Re: unexpected "rdr rules" in the firewall log
« Reply #5 on: August 29, 2020, 11:13:33 am »
Thanks a lot. It all starts to make sense now
Logged
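Added example, not part of the thread and not OPNsense code: a small Python triage script that reads firewall log rows in the column layout shown in the first post and counts the entries labelled "rdr rule" per redirect target, which points to the port forward whose log option is enabled. Only the first data row comes from the post; the other rows and their rule labels are constructed for illustration.

```python
import re
from collections import Counter

# Column layout as shown in the post:
# Interface Time Source Destination Proto Label
LINE_RE = re.compile(
    r"^(?P<iface>\S+)\s+"
    r"(?P<time>\w{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+"
    r"(?P<src>\S+)\s+(?P<dst>\S+)\s+(?P<proto>\S+)\s+(?P<label>.+)$"
)

# Constructed sample: the first data row is from the post, the rest are
# made up (documentation address ranges, hypothetical rule labels).
SAMPLE = """\
Interface Time Source Destination Proto Label
wan Aug 27 14:22:25 193.169.254.107:56236 192.168.0.10:25 tcp rdr rule
wan Aug 27 14:22:31 203.0.113.7:40112 192.168.0.10:25 tcp rdr rule
wan Aug 27 14:23:02 198.51.100.9:51515 192.168.0.10:25 tcp block listed countries
lan Aug 27 14:23:40 192.168.1.20:50000 192.0.2.80:443 tcp allow lan to any
"""

def parse(text):
    """Return one dict per log row; the header and unparsable lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows

def rdr_logged_targets(rows):
    """Count rows labelled 'rdr rule' per (interface, destination, proto).

    The destination in these rows is the translated (internal) address,
    so it identifies the port forward that produced the entry.
    """
    hits = Counter()
    for r in rows:
        if r["label"].strip().lower() == "rdr rule":
            hits[(r["iface"], r["dst"], r["proto"])] += 1
    return hits

if __name__ == "__main__":
    for (iface, dst, proto), n in rdr_logged_targets(parse(SAMPLE)).most_common():
        print(f"{n} entries logged by a port forward on {iface} -> {dst}/{proto}: "
              "check the log option on that NAT rule")
```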