OPNsense Forum » Archive » 21.7 Legacy Series » A rule that should not block on the firewall blocked something temporarily.
Topic: A rule that should not block on the firewall blocked something temporarily. (Read 3206 times)

allebone (Sr. Member, Posts: 402, Karma: 34)
« on: October 15, 2021, 09:59:12 pm »
Hi there,
I had a strange occurrence. I have rules that block certain IPs on my home network and an allow rule above this block rule that allows certain IPs that I don't want captured in the block.
Last night a Netflix CDN IP was blocked. I noticed today (the next day) when reviewing the logs. However, this IP was already in the allow rule. The effect this had was that momentarily Netflix would not work, and I refreshed a few times and thought nothing of it. However, I noticed today that the IP was blocked and so I went to add it to the list of allowed IPs and discovered it was already in the list.
This means temporarily the rules did not function as expected last night. However, there were no changes to the firewall and in fact I was not logged onto it at all either at that time or around that time (due to watching Netflix).
Why would the firewall temporarily ignore a firewall rule? The problem seems to have resolved itself with no intervention. I have not added this IP later on into the alias of allowed IPs. I can confirm it was already in there and did not require a change to the firewall.
Kind regards
Pete

Napsterbater (Newbie, Posts: 33, Karma: 2)
« Reply #1 on: October 16, 2021, 12:06:34 am »
The rule allows TCP/UDP port 53, the connection blocked was on port 443, i.e. HTTPS or DoH
Actually never mind, it's hard to tell with that picture.
« Last Edit: October 16, 2021, 12:08:31 am by Napsterbater »

allebone (Sr. Member, Posts: 402, Karma: 34)
« Reply #2 on: October 16, 2021, 02:50:02 am »
No issue. The top rule allows out port 443 and the block rule below blocks any port (i.e. all ports *)

Fright (Hero Member, Posts: 1777, Karma: 164)
« Reply #3 on: October 16, 2021, 07:18:58 am »
Hi,
What TCP flags did these packages have? Maybe the state was no longer there for some reason.

allebone (Sr. Member, Posts: 402, Karma: 34)
« Reply #4 on: October 17, 2021, 03:39:48 am »
Actually I don't know the answer but I like this answer. It is an answer that makes sense to me. I'm not sure how to interpret what flags would indicate this, but here are a few of the packets. Do the flags indicate what you suggest?
It is an answer that would make sense to me. I included 1 packet that was legitimately blocked to compare. Its flag is S, which is different.
P
« Last Edit: October 17, 2021, 03:41:33 am by allebone »

Fright (Hero Member, Posts: 1777, Karma: 164)
« Reply #5 on: October 17, 2021, 06:46:01 am »
Quote
Do the flags indicate what you suggest?
yep
https://forum.opnsense.org/index.php?topic=20219.msg93687#msg93687

allebone (Sr. Member, Posts: 402, Karma: 34)
« Reply #6 on: October 17, 2021, 04:22:02 pm »
Ok thanks.
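
The explanation the thread settles on, as an added example that is not from any poster or from OPNsense: a stateful pass rule only matches the SYN that opens a TCP connection, so once the state is gone the remaining packets of that flow fall through to the block rule even though the address is in the allow alias. The triage below assumes pf's default `flags S/SA keep state` matching; the record layout, alias contents and addresses are constructed, not OPNsense's log format.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed allow alias (documentation range, not real CDN addresses).
ALLOW_ALIAS = [ip_network("198.51.100.0/24")]

# Constructed blocked-packet records: (src, dst, dst_port, tcp_flags).
# Flag letters assumed: S=SYN, A=ACK, F=FIN, P=PSH, R=RST.
SAMPLE_BLOCKS = [
    ("192.168.1.20", "198.51.100.7", 443, "FA"),  # aliased dst, mid-stream
    ("192.168.1.20", "198.51.100.7", 443, "A"),
    ("192.168.1.20", "198.51.100.7", 443, "PA"),
    ("192.168.1.20", "203.0.113.9", 443, "S"),    # not aliased, new connection
    ("192.168.1.20", "198.51.100.8", 443, "S"),   # aliased, new connection
]


def in_alias(addr, alias=ALLOW_ALIAS):
    """True if addr falls inside any network of the allow alias."""
    ip = ip_address(addr)
    return any(ip in net for net in alias)


def classify(record, alias=ALLOW_ALIAS):
    """Explain why a blocked TCP packet was blocked."""
    _src, dst, _port, flags = record
    # "flags S/SA": of SYN and ACK, only SYN may be set.
    opens_connection = "S" in flags and "A" not in flags
    if not opens_connection:
        # No pass rule can create state from this packet; its state was
        # missing or expired, so the block rule caught it.
        return "no-state"
    if in_alias(dst, alias):
        # A real SYN to an allowed address was blocked: check the rule's
        # port, protocol, order and alias contents.
        return "investigate"
    return "rule-block"  # block rule doing its job


def triage(records, alias=ALLOW_ALIAS):
    """Count verdicts per destination so one flow's stray packets group."""
    return Counter((r[1], classify(r, alias)) for r in records)


if __name__ == "__main__":
    for (dst, verdict), n in sorted(triage(SAMPLE_BLOCKS).items()):
        print(f"{dst:15} {verdict:12} {n}")
```

Only the `investigate` verdict points at a rule or alias problem; `no-state` entries for an aliased address match what was seen in this thread.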