On 10-12-03 03:43 PM, Wakefield, Thad M. wrote:
Can you send me .pcap file with this packet please? Once I saw similar
problem when IP header had additional options. The packet just did not
follow my rule and that is it!
Thanks.
While capturing the packet for you, I discovered the problem. This traffic is
asymmetrical. This packet is a syn/ack packet. Since the pfsense doesn't see
the syn packet, I assume it blocks the packet when configured to keep state. Is
there an easy pfsense solution for asymmetrical traffic? Is a solution to
manually edit the pf rules file to allow the traffic out the bge0 interface?
you can't create rules for outgoing traffic using web-interface. You can
disable filtering at all but probably it is not what you want.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
