Hi, I've tweaked my rule sets to lower the amount of noise in the firewall logs. Mostly that works.

I'm seeing a fair number of entries looking like this:

    Feb 16 08:32:27 LAN 192.168.21.134:56385 173.194.XX.XX:443 TCP:FA

It looks like a browser is trying to close a stale connection which has already timed out in PF. I've tried to create a rule that matches the TCP FA flags, but that does not seem to work. Whatever you set in the Advanced section for the TCP flags, the rule I get is this:

    block return in log quick on bridge0 inet proto tcp from 192.168.21.0/24 to any flags S/SA label "USER_RULE: Reject stale FA/FA packets"

I'd expect FA/FA, which is what I specified. This is 2.0.1, BTW.

-- 
Gé

_______________________________________________
List mailing list
http://lists.pfsense.org/mailman/listinfo/list
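A small triage script for the kind of log entries described above, added here as an example and not part of the original post: it parses lines in the layout the pfSense 2.0 log view shows, and flags TCP entries that carry FIN or RST without SYN, which are the leftovers of connections whose PF state has already expired rather than new connection attempts. The sample lines are constructed, with the masked address replaced by a documentation-range address.

```python
import re
from collections import Counter

# Constructed sample in the layout shown in the pfSense 2.0 firewall log view.
SAMPLE_LOG = """\
Feb 16 08:32:27 LAN 192.168.21.134:56385 203.0.113.10:443 TCP:FA
Feb 16 08:32:29 LAN 192.168.21.134:56386 203.0.113.10:443 TCP:S
Feb 16 08:32:30 LAN 192.168.21.140:40112 198.51.100.20:80 TCP:RA
Feb 16 08:32:31 LAN 192.168.21.140:40113 198.51.100.20:80 TCP:PA
Feb 16 08:32:33 WAN 198.51.100.7:5353 192.168.21.1:5353 UDP
"""

# time, interface, src:port, dst:port, proto with optional ":FLAGS" suffix for TCP
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<iface>\S+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"(?P<proto>[A-Z]+)(?::(?P<flags>[A-Z]+))?$"
)


def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["flags"] = entry["flags"] or ""   # non-TCP lines carry no flag field
    return entry


def is_stale_teardown(entry):
    """True for TCP packets with FIN or RST but no SYN: nothing is being opened,
    so a block on such a packet is almost always an expired state, not an attack."""
    if entry["proto"] != "TCP":
        return False
    flags = set(entry["flags"])
    return "S" not in flags and bool(flags & {"F", "R"})


def triage(log_text):
    """Count total entries, stale-teardown entries, and stale entries per flag combo."""
    entries = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    stale = [e for e in entries if is_stale_teardown(e)]
    return {
        "total": len(entries),
        "stale": len(stale),
        "by_flags": dict(Counter(e["flags"] for e in stale)),
    }


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

Running it over a day's export shows how much of the remaining noise is state-expiry teardown traffic versus genuine SYN blocks, which is the split worth knowing before changing any rule.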
