Firewall Live view

Started by locus, March 02, 2026, 10:16:33 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 02, 2026, 10:16:33 AM
Hi,
I see a block action on my WAN interface in the firewall live view without a label which I didn't setup myself.
I don't have any rules in the firewall to block on the WAN interface, just the default.

Firewall settings are setup to only log packets blocked by Bogons and Private Networks.

So my confusion is: where does this block come from?
March 02, 2026, 03:28:11 PM #1
You lopped off the info button in your image (on the far right, normally)(and the opposite port). Is it present? What does it indicate? The popup also offers a rule link which may (or may not) be useful.
March 02, 2026, 05:40:34 PM #2
Quote from: locus on March 02, 2026, 10:16:33 AMSo my confusion is: where does this block come from?
Default Block Rule because it's traffic none of your Clients need/generated ?!
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
Today at 05:02:38 PM #3
@pfry
The detailed rule info does not give anymore info. See screenshot

@nero355
Maybe, but how if I disabled the logging of matched default block rules?
Today at 05:37:04 PM #4
Quote from: locus on Today at 05:02:38 PM[...]The detailed rule info does not give anymore info.[...]

"Reason: ip-option". You may not even be hitting a rule. Also, is pppoe0 your "WAN"?
Today at 05:49:13 PM #5
pf has 3 spots dropping packets due to "PFRES_IPOPTIONS" and all of them have a "misc" debug message if you want to investigate. The IPv6 routing header seems to be a good offender ;)
Print
Go Up Pages1
User actions