Greetings everyone,
I have noticed some strange behavior. I have set up a bridge and set up
specific blocking rules for access to systems behind our firewall. I
also have explicit access rules for port 80:

    pass in quick on $wan reply-to (em0 GATEWAYIP) proto tcp from any to any port = 80 keep state label "USER_RULE: HTTP Port Allow Access"

At the bottom of the firewall rules I have this entry to allow
everything that I am not specifically blocking:

    pass in quick on $wan reply-to (em0 GATEWAYIP) from any to any keep state label "USER_RULE: Allow Everything Else"

On my internal interface of the bridge I have the following entry:

    pass in quick on $InternalNetwork from any to any keep state label "USER_RULE"

However I am seeing entries captured in my firewall logs where visitors
are being denied per the Default deny rule at the very bottom of the pf
rules.
My question is: why are my explicit rules not capturing the entries
before they get to the last rule? And also, how can I disable those two
rules, or can they be disabled?
Thanks
Joe