Hi all,

Got a problem in pfSense 1.2.3 which I don't understand:

IPsec is running, routing a remote subnet 10.21.40.0/24 to our local one.

All traffic works fine except a single packet which is generated by a
Nagios check_http plugin. In the syslog I see the following:

pf: 220461 rule 155/0(match): block in on em0: (tos 0x0, ttl 64, id
21570, offset 0, flags [DF], proto TCP (6), length 52)
192.168.221.203.45246 > 10.21.40.15.80: F, cksum 0x29b8 (correct),
0:0(0) ack 1 win 92 <nop,nop,timestamp 2659651641 3461937908>

I already tcpdump'ed the traffic and viewed it in wireshark. You can
download the packetcapture.cap from

        http://www.cs-ol.de/dl/packetcapture.cap

It is a packet with an ACK followed by some packets with FIN/ACK.

Does anyone know why pfSense blocks this packet with the default deny rule?
What can I do to let it go through the packet filter? All access from
LAN to * is permitted.

Regards, Udo Müller
-- 
ComputerService Udo Müller                     Tel.: 04222-807240
Marderweg 23                                 Mobil: 01520-8895409
27777 Ganderkesee
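
Added example, not part of the original post: a small Python parser for the pf log entry quoted above, which decodes the rule number, interface, endpoints and TCP flags so blocked packets can be counted per rule and flag combination. The function names are hypothetical, and the regular expression assumes the tcpdump-style layout shown in the post.

```python
import re
from collections import Counter

# Constructed input: the log entry quoted in the post, with its mail line wrapping kept.
SAMPLE = """pf: 220461 rule 155/0(match): block in on em0: (tos 0x0, ttl 64, id
21570, offset 0, flags [DF], proto TCP (6), length 52)
192.168.221.203.45246 > 10.21.40.15.80: F, cksum 0x29b8 (correct),
0:0(0) ack 1 win 92 <nop,nop,timestamp 2659651641 3461937908>"""

# Assumed layout: "rule N/M(match): action dir on iface: (ip header) src.port > dst.port: FLAGS, ..."
ENTRY = re.compile(
    r"rule (?P<rule>\d+)/\d+\(match\): (?P<action>\w+) (?P<dir>in|out) on (?P<iface>\w+):"
    r".*?proto (?P<proto>\w+) \(\d+\), length \d+\) "
    r"(?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"(?P<flags>[SFRPWE.]+),(?P<rest>.*)"
)
FLAG_NAMES = {"S": "SYN", "F": "FIN", "R": "RST", "P": "PSH", "W": "CWR", "E": "ECE"}


def parse_pf_entry(text):
    """Parse one pf log entry (possibly wrapped over several lines) into a dict."""
    m = ENTRY.search(" ".join(text.split()))  # undo the line wrapping first
    if m is None:
        return None
    e = m.groupdict()
    # "." means no flag letters; the [DF] in the IP header is not a TCP flag.
    flags = [FLAG_NAMES[c] for c in e.pop("flags") if c != "."]
    if re.search(r"\back \d+", e.pop("rest")):  # ACK is printed as "ack <n>"
        flags.append("ACK")
    for key in ("rule", "sport", "dport"):
        e[key] = int(e[key])
    e["flags"] = flags
    return e


def summarise(entries):
    """Count blocked packets per (rule, destination, TCP flag combination)."""
    return Counter(
        (e["rule"], f'{e["dst"]}:{e["dport"]}', "/".join(e["flags"]))
        for e in entries
        if e and e["action"] == "block"
    )


if __name__ == "__main__":
    print(parse_pf_entry(SAMPLE))
    print(summarise([parse_pf_entry(SAMPLE)]))
```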
