Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - MaxBishop

Pages: [1]
General Questions / (solved) Nessus vulnerability false positives
« on: February 07, 2018, 05:44:34 pm »
I am running version 2.4.2-RELEASE-p1 (amd64)

A Nessus scan shows several false positives identified as: pfSense < 2.1.1 Multiple Vulnerabilities

It reports my installed version as: unknown..0

My question is: is the current version of pfSense hiding its version?

Firewalling / Default LAN block: destination [ff02::fb]:5353
« on: August 07, 2017, 11:06:54 am »
I have a Verizon DSL Router between the internet and my pfsense router, ie the WAN is itself on a NAT'ed network.

The pfsense LAN is a private, non-hostile network. On the LAN interface I have unchecked Block private networks and loopback addresses. (If it matters, I have the Avahi package installed/enabled because I have Linux machines that use mdns in the nssswitch configuration.)

I am using the default LAN rules. In the LAN firewall logs, I have frequent Default deny rule IPv6 blocks appearing:

Source: A valid LAN IPv6 address
Destination: [ff02::fb]:5353

Is this default rule preventing broadcasts to the Verizon router's NAT and/or the outside world... or is it simply complicating my private network on the LAN side of my pfsense firewall?

Pages: [1]