Netgate SG-1000 microFirewall

Author Topic: Firewall blocking TCP:R packets  (Read 4680 times)

0 Members and 1 Guest are viewing this topic.

Offline Slicer101

  • Newbie
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Firewall blocking TCP:R packets
« on: June 15, 2009, 06:10:04 pm »
ok.. so here is my crazy issue that I can not seem to get worked out.

Firewall: NAT: Port Forward rule for port 25 SMTP from WAN interface --> Internernal IP of mail server port 25

Firewall: Rule setup to
Proto     Source     Port     Destination     Port         Gateway
TCP/UDP        *               *      10.0.0.10         25 (SMTP)      *

Now all INBOUND mail is working just fine. It is when I try to send an email that things stop working.

I see this in the firewall logs as being blocked by "Default deny rule" ..

Time               If                  Source         Destination             Proto
Jun 15 18:03:32     WAN     xx.xx.xx.xx:25     xx.xx.xx.xx:43402     TCP:R

What could I be missing...


Thanks

Slicer


Offline Slicer101

  • Newbie
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: Firewall blocking TCP:R packets
« Reply #1 on: June 15, 2009, 07:11:39 pm »
 bump.... If I can not find out why this is going on soon I will have to move to something else rather than pfSense..

someone has to have seen this before...



Slicer

Offline geeknik

  • Full Member
  • ***
  • Posts: 100
  • Karma: +0/-0
    • View Profile
Re: Firewall blocking TCP:R packets
« Reply #2 on: June 15, 2009, 09:23:25 pm »
Mine is blocking TCP:R and TCP:F.  ???

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21548
  • Karma: +1469/-26
    • View Profile
Re: Firewall blocking TCP:R packets
« Reply #3 on: June 15, 2009, 10:59:44 pm »
Blocking TCP:R (Resets) and TCP:F (Fin) can be normal, and not indicative of the actual problem.

http://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection%2C_why%3F
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!