Monday, 17 September 2012

Debugging pfsense firewall rules clearly and easily

  1. Status -> System logs -> Settings
    1. Make sure Log packets blocked by the default rule is not checked
    2. Check Show log entries in reverse order
    3. Increase to 500 Number of log entries to show
  2.  Status -> System logs -> Settings -> Firewall 
    1. Dynamic View
      1. You don't have to hit refresh
    2. Normal View
      1. Make sure to hit refresh if you expect a rule was triggered by your or others actions
  3. Firewall -> Rules
    1. Under the interface(s) you want to debug
      1. Create a default deny rule at the end of the rule list
        1. Choose Log packets that are handled by this rule
        2. Give the rule a very unique name
      2. For other rules you want to debug
        1. Choose Log packets that are handled by this rule
        2. Give the rule a very unique name
  4. Hang out on Status -> System logs -> Firewall -> Dynamic View
    1. Tweak rules until you see the result you desire
      1. Packets blocked that should be blocked
      2. Packets allowed that should be allowed
    2. Click on the red/green blocked/accepted icons
      1. Will show a pop-up for the rule triggered, showing the unique name you gave to the rule
        1. If necessary, go back and give more unique names to rules to distinguish them from one another
By at
Labels: , , , ,

2 comments:

Note: only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)

Interview questions: 2020-12

Terraform provider vs provisioner Load balancing Network Load Balancer vs Application Load Balancer  Networking Layer 1 vs Layer 4 haproxy u...