Netgate SG-1000 microFirewall

Author Topic: @5(1000000103) block drop in log inet all label "Default deny rule IPv4".  (Read 155 times)

0 Members and 1 Guest are viewing this topic.

Offline rahmadilahi96

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Hello, all
i'm a new user in pfsense, and i have a problem.
initially all clients can connect to the internet, but after some time arrived "all clients can not connect again, but still can ping to google dns like 8.8.8.8 and 8.8.4.4.
when I look in the system logs menu, I see that the LAN interface is blocked with a comment like the following
@5(1000000103) block drop in log inet all label "Default deny rule IPv4"
Anyone can help me please...

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15180
  • Karma: +1414/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: @5(1000000103) block drop in log inet all label "Default deny rule IPv4".
« Reply #1 on: February 04, 2018, 05:26:26 am »
your traffic is asymetrical? There would be no reason for traffic to be blocked on lan with default any any rule unless the states go away and no pfsense does not know about the state, asymmetrical could cause this.  Or your flushing the states?  Your gateway went down and you state table flushed?

If your gateway is up down, etc.. turn off flushing states...  If you have pfsense set to flush states on gateway down, then clients would be blocked until they open a new session via SYN to where they are going..
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline rahmadilahi96

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: @5(1000000103) block drop in log inet all label "Default deny rule IPv4".
« Reply #2 on: February 04, 2018, 06:23:55 am »
Where I can find that setting ? ;D :D

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15180
  • Karma: +1414/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: @5(1000000103) block drop in log inet all label "Default deny rule IPv4".
« Reply #3 on: February 04, 2018, 06:33:26 am »
System / Advanced / Miscellaneous
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline rahmadilahi96

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: @5(1000000103) block drop in log inet all label "Default deny rule IPv4".
« Reply #4 on: February 04, 2018, 06:47:48 am »
Ok, Thank you for the help and response @johnpoz :)