On each interface you have "Block bogon networks". Is that option active ?
On Fri, Oct 20, 2017 at 2:00 PM, Daniel <[email protected]> wrote: > Hi Everyone, > > > > actually i have an any/any rule applied on all my interfaces. This I did > actually only for debugging issues. > > But I can see that packets still get blocked: > > > > Oct 20 17:48:34 gw02 filterlog: 5,,,1000000103,igb0,match, > block,in,4,0x0,,56,64553,0,DF,6,tcp,52,93.220.211.99,212. > 168.31.112,52498,80,0,FA,3467799626,3453635053,347,,nop;nop;TS > > Oct 20 17:48:34 gw02 filterlog: 5,,,1000000103,igb0,match, > block,in,4,0x0,,56,64554,0,DF,6,tcp,52,93.220.211.99,212. > 168.31.112,52498,80,0,FA,3467799626,3453635053,347,,nop;nop;TS > > Oct 20 17:48:35 gw02 filterlog: 5,,,1000000103,igb0,match, > block,in,4,0x0,,55,37998,0,DF,6,tcp,52,109.44.1.50,212.168. > 31.112,34675,443,0,FA,1545664688,2414488008,40,,nop;nop;TS > > Oct 20 17:48:35 gw02 filterlog: 5,,,1000000103,igb0,match, > block,in,4,0x0,,56,64555,0,DF,6,tcp,52,93.220.211.99,212. > 168.31.112,52498,80,0,FA,3467799626,3453635053,347,,nop;nop;TS > > Oct 20 17:48:36 gw02 filterlog: 5,,,1000000103,igb0,match, > block,in,4,0x0,,56,64556,0,DF,6,tcp,52,93.220.211.99,212. > 168.31.112,52498,80,0,FA,3467799626,3453635053,347,,nop;nop;TS > > Oct 20 17:48:38 gw02 filterlog: 5,,,1000000103,igb0,match, > block,in,4,0x0,,56,64557,0,DF,6,tcp,52,93.220.211.99,212. > 168.31.112,52498,80,0,FA,3467799626,3453635053,347,,nop;nop;TS > > Oct 20 17:48:42 gw02 filterlog: 5,,,1000000103,igb0,match, > block,in,4,0x0,,56,64558,0,DF,6,tcp,52,93.220.211.99,212. > 168.31.112,52498,80,0,FA,3467799626,3453635053,347,,nop;nop;TS > > > > Why? Normaly all traffic can pass the interfaces. > > > > Main problem is that I have 1% packetloss when it pass the Intenet > connection to my Upstream. I have a second firewall configured identical > and here is no packetloss. > > I Changed all cables and so… I am absolutely without any glue what can > cause such a problem. > > > > Could it be a problem that I have serval different networks applied on one > Interface without vlans? > > I Realy don’t know what I can do. This issue is very hard and all thinks I > already tested doesn’t not help to fix the issue. > > > > Kernel Messages and logs also looking OK for me. > > > > Maybe someone can help me out and give me some ideas > > > > Cheers > > > > Daniel > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold -- Ivo R. Tonev +55 61 98409-2642 [email protected] _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
