Weird firewall logging entries (22.10)

Started by gctwnl, November 30, 2022, 02:43:19 AM

I am looking at my newly set up OPNsense appliance, and I am wondering about some things I see. E.g.

A Mac on the local LAN gets a blocked action (LAN IN) on connecting to 17.57.146.41:5223 (some Apple push notification port). Why? The rules say that from the LAN, everything may go out. It gets blocked by the Default deny / state violation rule. Is there a way to find out why OPNsense actually blocks it? Weirder still, at another moment it gets passed via the Default allow LAN to any rule.

I see it passing, then shortly thereafter the blocking happens for a while to the same address/port every 30 secs or so (say 10 times for a total of 5 minutes