OK, rule 111 is the default inbound block rule. Rule 78 is as follows:

@78 pass in quick on fxp2 inet proto tcp from any to 172.20.1.53 port = http flags S/SA label "USER_RULE: MAGIC1500 - HTTP"
  [ Evaluations: 1029 Packets: 2642 Bytes: 922487 States: 121 ]

This should allow the traffic that is being blocked by rule 111. I am getting entries like below from many IP addresses. For some reason some traffic is going through all right and some is not. As you can see there are packets making it through on rule 78. Any ideas?

Roy

-----Original Message-----
From: Scott Ullrich [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 17, 2005 11:16 AM
To: Roy Walker
Cc: support@pfsense.com
Subject: Re: [pfSense Support] Firewall is blocking traffic it shouldn't

pfctl -vvvsr from a command prompt (or status.php) lists the rules with rule numbers.

On 8/17/05, Roy Walker <[EMAIL PROTECTED]> wrote:
> Running pfsense 0.77.
>
> Getting messages like the following:
>
> pf: 140737 rule 111/0(match): block in on fxp2: yyy.yyy.yyy.yyy.4685 > xxx.xxx.xxx.xxx:53.80: F 1151007775:1151007775(0) ack 682370803 win 3490 <nop,nop,timestamp 42327615[|tcp]>
>
> The yyy is the external IP. The xxx is an internal IP for a web site.
> There is a rule to allow traffic to the internal IP on port 80 from any
> source. Can someone tell me what rule 111 is and why it is blocking this
> traffic?
>
> Thanx,
> Roy
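
For triaging log entries like the one quoted above, this added example (not part of the thread and not pfSense code) separates blocked packets that a `flags S/SA` pass rule such as rule 78 could match (SYN set, ACK clear) from packets that can only pass by matching an existing state entry. The sample lines and addresses are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the tcpdump-style format quoted in the thread;
# the addresses are documentation ranges, not values from the thread.
SAMPLE_LOG = """\
pf: 140737 rule 111/0(match): block in on fxp2: 198.51.100.7.4685 > 192.0.2.53.80: F 1151007775:1151007775(0) ack 682370803 win 3490
pf: 140911 rule 78/0(match): pass in on fxp2: 198.51.100.9.4701 > 192.0.2.53.80: S 2211000100:2211000100(0) win 65535
pf: 141020 rule 111/0(match): block in on fxp2: 198.51.100.9.4701 > 192.0.2.53.80: . ack 682371900 win 3490
pf: 141377 rule 111/0(match): block in on fxp2: 203.0.113.20.3310 > 192.0.2.53.80: FP 99120:99180(60) ack 5512 win 8192
pf: 141502 rule 111/0(match): block in on fxp2: 203.0.113.44.1999 > 192.0.2.53.80: S 771200:771200(0) win 16384
"""

LINE_RE = re.compile(
    r"rule (?P<rule>\d+)/\d+\(match\): (?P<action>block|pass) (?:in|out) "
    r"on (?P<iface>\S+): (?P<src>\S+) > (?P<dst>\S+): (?P<flags>[SFPRWE.]+) "
    r"(?:\d+:\d+\(\d+\) )?(?P<ack>ack )?"
)

def classify(line):
    """Return (rule, action, flags, kind) for one pf log line, or None."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    # "flags S/SA" matches only packets with SYN set and ACK clear.
    syn_only = "S" in m["flags"] and m["ack"] is None
    kind = "new-connection" if syn_only else "needs-state"
    return int(m["rule"]), m["action"], m["flags"], kind

def summarize(log_text):
    """Count blocked packets per (rule number, kind)."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = classify(line)
        if rec is not None and rec[1] == "block":
            counts[(rec[0], rec[3])] += 1
    return counts

if __name__ == "__main__":
    for (rule, kind), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"rule {rule}: {n} blocked packet(s), {kind}")
```

Blocked packets in the `needs-state` bucket (FIN, bare ACK) could never have matched the pass rule directly, so they point at state tracking rather than at the rule itself.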