Re: [pfSense Support] Bridging 4 auto MDIX eth interfaces for LAN zone doesn't work correct

Thu, 22 Jan 2009 10:10:08 -0800 

On Thu, Jan 22, 2009 at 12:36 PM, Dominik Schips <[email protected]> wrote:
> Hello,
>
> Am Mittwoch, den 21.01.2009, 19:49 +0100 schrieb Dominik Schips:
>> Hi,
>>
>> Am Mittwoch, den 14.01.2009, 23:06 -0500 schrieb Chris Buechler:
>> > On Wed, Jan 14, 2009 at 4:22 AM, Dominik Schips <[email protected]> wrote:
>>
>> > Are you seeing blocks in your firewall logs?  Your DHCP requests are
>> > not going to be sourced from your LAN subnet, so I'm guessing they're
>> > being blocked.
>
> This is the output if I request an IP with the LAN1 interface wich is
> brideged to LAN
>
> Jan 22 18:28:48 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:48 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:48 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:36 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:36 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:36 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:28 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:28 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:28 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:20 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:20 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:20 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:12 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:12 BRIDGE0 0.0.0.0:68 255.255.255.255:67 UDP
>
> Jan 22 18:28:12 LAN1 0.0.0.0:68 255.255.255.255:67 UDP
>
>
> Here is my rule for LAN1:
>
> Proto Source Port Destination Port Gateway
> *   LAN1 net   *   *   *   *
>
> What kind of rule do I need to allow a correct request for LAN1 /
> BRIDGE0 ?
>
> I tried
>
> *   *   *   LAN1 net   *   *
>
> but this doesn't solve the problem.
>

As you can see from the log, it's not source or destination of the LAN
subnet, which is what you're trying to use.  Add a rule that matches
what you see getting blocked.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Commercial support available - https://portal.pfsense.org

Reply via email to