On Tue 13 Feb 2018 10:09:41 NZDT +1300, Marco wrote: > I'm not really used to debugging with pfSense, especially the > logging features. What's the best way to check if that packet is > blocked by pfSense somehow?
Rules only log when the logging flag is ticked. Even then I dislike to rely on rules always logging when I need them to. I'd suggest you use the packet capture function of pfsense. Limit to the port(s) in question and it shows the traversing packets. It's reliable. Run it on the pfsense intrface connected to your server. The symptoms you describe (pfsense can see the server, a WAN host can't) could be explained by a messed up routing table on the server. The server can send packets back to the pfsense box because that IP is on its own interface's IP space as far as the server is concerned, but any WAN host would hit the server's gateway setting - if that is absent or wrong the server reply goes nowhere. Volker -- Volker Kuhlmann is list0570 with the domain in header. http://volker.top.geek.nz/ Please do not CC list postings to me. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
