Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Default Deny / State Violation Help
« previous
next »
Print
Pages: [
1
]
Author
Topic: Default Deny / State Violation Help (Read 1888 times)
coleg06
Newbie
Posts: 1
Karma: 0
Default Deny / State Violation Help
«
on:
September 04, 2023, 02:23:47 am »
Hello!
I've been running OPNsense for awhile now and have started to experience some weird firewall behavior and didn't know if anyone could provide some guidance or point me in the right direction to fix it. Note: By started I don't mean like just after an update or something, it's seemed to be slowly becoming more and more of an issue.
For whatever reason, it seems as if the "Default deny / state violation rule" is blocking majority of my inbound traffic, at random.
It's blocking enough that a port forward for even an http server is unusable. I've looked through previous forum posts and looked on other sites online and can't seem to find a great answer besides "Your firewall rules / port forward rules are invalid" but from what I can tell, the rules I have are correct, which is why I'm unsure why this isn't working.
Just checked my uptime monitor and it says that it's been online about 5.93% this month. For comparison, my internet has 98.47% uptime.
I'm running OPNsense on a bare-metal dual-nic box and it's got a static IP. I have a similar setup in a datacenter and have noticed similar behavior (that setup is OPNsense running in a VM, also with static public IP)
My port forward rule looks like this:
Interface: WAN
Protocol: tcp
Source Address/Ports: *
Destination: WAN Address
Port: 80
IP: Local IP of webserver
Port: 80
Also letting it use the default NAT reflection as well as default filter rule association (which I believe it'll create a filter rule based on port forward).
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Default Deny / State Violation Help