Re: [pfSense Support] Firewall is blocking traffic it shouldn't

2005-08-17 Thread Scott Ullrich
pfctl -vvvsr from a command prompt (or status.php) lists the rules
with rule numbers.

On 8/17/05, Roy Walker [EMAIL PROTECTED] wrote:

 Running pfsense 0.77.

 Getting messages like the following:

 pf: 140737 rule 111/0(match): block in on fxp2: yyy.yyy.yyy.yyy.4685 xxx.xxx.xxx.xxx:53.80: F 1151007775:1151007775(0) ack 682370803 win 3490 nop,nop,timestamp 42327615[|tcp]

 The yyy is the external IP.  The xxx is an internal IP for a web site.
 There is a rule to allow traffic to the internal IP on port 80 from any
 source.  Can someone tell me what rule 111 is and why it is blocking this
 traffic?

 Thanx,

 Roy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



RE: [pfSense Support] Firewall is blocking traffic it shouldn't

2005-08-17 Thread Roy Walker
OK, rule 111 is the default inbound block rule.

Rule 78 is as follows:

@78 pass in quick on fxp2 inet proto tcp from any to 172.20.1.53 port = http flags S/SA label USER_RULE: MAGIC1500 - HTTP
  [ Evaluations: 1029  Packets: 2642  Bytes: 922487  States: 121 ]

This should allow the traffic that is being blocked by rule 111.  I am
getting entries like below from many IP addresses.  For some reason some
traffic is going through all right and some is not.  As you can see
there are packets making it through on rule 78.

Any ideas?

Roy

-Original Message-
From: Scott Ullrich [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, August 17, 2005 11:16 AM
To: Roy Walker
Cc: support@pfsense.com
Subject: Re: [pfSense Support] Firewall is blocking traffic it shouldn't

pfctl -vvvsr from a command prompt (or status.php) lists the rules
with rule numbers.

On 8/17/05, Roy Walker [EMAIL PROTECTED] wrote:

 Running pfsense 0.77.

 Getting messages like the following:

 pf: 140737 rule 111/0(match): block in on fxp2: yyy.yyy.yyy.yyy.4685 xxx.xxx.xxx.xxx:53.80: F 1151007775:1151007775(0) ack 682370803 win 3490 nop,nop,timestamp 42327615[|tcp]

 The yyy is the external IP.  The xxx is an internal IP for a web site.
 There is a rule to allow traffic to the internal IP on port 80 from any
 source.  Can someone tell me what rule 111 is and why it is blocking this
 traffic?

 Thanx,

 Roy
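
An added example, not part of the original thread: it parses the pf log line quoted above and tests the packet's TCP flags against the `flags S/SA` condition printed for rule 78, which shows why a FIN packet carrying an ACK cannot match that rule by itself. The function names are hypothetical, the second sample line is constructed, and the log layout is assumed to be the one shown in the thread.

```python
import re

# pf log line in the layout shown in the thread (tcpdump-style pflog output).
LOG_RE = re.compile(
    r"rule (?P<rule>\d+)/\d+\(match\): (?P<action>block|pass) "
    r"(?P<dir>in|out) on (?P<iface>\w+): .*?: (?P<flags>[SFRP.]+) (?P<rest>.*)"
)

def parse_pf_log(line):
    """Return rule number, action, interface and the set of TCP flags."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    flags = set(m["flags"]) - {"."}          # '.' means no S/F/R/P flag set
    if re.search(r"\back \d+", m["rest"]):   # ACK is printed as 'ack <number>'
        flags.add("A")
    return {"rule": int(m["rule"]), "action": m["action"],
            "iface": m["iface"], "flags": flags}

def matches_flag_spec(pkt_flags, spec="S/SA"):
    """pf 'flags a/b': of the flags listed in b, exactly those in a are set."""
    want, mask = (set(part) for part in spec.split("/"))
    return (pkt_flags & mask) == want

def explain(line, spec="S/SA"):
    """Say whether the logged packet could match a pass rule using `spec`."""
    pkt = parse_pf_log(line)
    if pkt is None:
        return "not a pf TCP log line"
    shown = "".join(sorted(pkt["flags"])) or "none"
    if matches_flag_spec(pkt["flags"], spec):
        return f"rule {pkt['rule']} {pkt['action']}: flags {shown} satisfy {spec}"
    return (f"rule {pkt['rule']} {pkt['action']}: flags {shown} do not satisfy "
            f"{spec}; such a rule passes this packet only via an existing state")

# Log line from the thread (addresses masked by the poster), joined onto one line.
THREAD_LINE = ("pf: 140737 rule 111/0(match): block in on fxp2: "
               "yyy.yyy.yyy.yyy.4685 xxx.xxx.xxx.xxx:53.80: F "
               "1151007775:1151007775(0) ack 682370803 win 3490 "
               "nop,nop,timestamp 42327615[|tcp]")
# Constructed line: an initial SYN, which rule 78's flags S/SA test accepts.
SYN_LINE = ("pf: 000010 rule 78/0(match): pass in on fxp2: "
            "192.0.2.10.4685 > 172.20.1.53.80: S 100:100(0) win 65535")

if __name__ == "__main__":
    for sample in (THREAD_LINE, SYN_LINE):
        print(explain(sample))
```

The example only evaluates the flag condition; it does not determine why no matching state entry existed when the logged packet arrived.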
