pfSense Support Subscription

Author Topic: Puzzle - Why does Minecraft get through?  (Read 2701 times)

0 Members and 1 Guest are viewing this topic.

Offline OzRattler

  • Newbie
  • *
  • Posts: 23
    • View Profile
Puzzle - Why does Minecraft get through?
« on: June 20, 2012, 10:33:42 pm »
Hello All!

My first post here and I have been trawling for any information on my problem and have not found any.  (Does not mean they are not there - just I cannot see them perhaps for looking).

In simple form, I can set rules on the pfBox and kill 99% of traffic without any dramas.  Ping IP, resolving domain names sending and receiving emails all stop.  BUT!  I cannot block Minecraft and some other games - ARMA II on Steam for example.  Minecraft works on Java so is there something different I ought to be doing?  Even removing the "Default allow any to LAN" rule does not stop it from talking to servers.

I created "floating rules" aimed at the specific IP of the machine my son uses (when he ought to be studying - yeah, there is the reason) and my own so I can check something is being blocked.  Also WAN side but I honestly would have thought selecting the IP (or even alias for his two machines), then selecting 'any' as the protocol and 'any' for the destination ought to have stopped it.

LAN topography is AG300 [192.168.2.1] => pfSense BOX [192.168.1.1] => NetGear 8 port switch then to all machines. [Win, Linux, Mac, PS3].  Logs show that the rules are applied and testing proves that they are.  All machines loose access but all machines running MCraft still run it and it still talks to the servers.

Short of stopping the pfBox or removing the cable or taking the machine off him [not an option as he uses it for school work - but other means are still available] I am stuck.

Any assistance would be much appreciated.  All else with pfSense seems to be flying nicely.

I shall keep working on it and post when / if I find a solution!

Have fun!

Oz
« Last Edit: June 20, 2012, 10:39:53 pm by OzRattler »

Offline OzRattler

  • Newbie
  • *
  • Posts: 23
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #1 on: September 15, 2012, 12:27:04 am »
Hello All!

While there were no replies, I only take that as indicating my problem was odd and specific to me!

Solution (no laughing) was to change subnets plus IP range (I think) as I have moved to bridging the modem therefore unless approved, no one could see the web.

Have fun!

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 2888
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #2 on: September 16, 2012, 07:57:20 am »
So where were these other devices actually connected.  Sine you were using a nat router before your pfsense, if they were plugged into the ag300, then yeah you could block until your blue in the face on pfsense and it would have nothing to do with internet access at all.

did you have the ag300 directly connected to your netgear switch??
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Have I helped you, want to say thanks?  Donate to pfsense the cost of a beer http://pfsense.org/donate.html

Offline OzRattler

  • Newbie
  • *
  • Posts: 23
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #3 on: September 16, 2012, 07:59:58 pm »
No.  All were devices were connected through pfSense.  AG300 was not connected to the switch.  Only LAN path to the switch was through pfSense.
 
Interestingly, other rules had been failing but are now working after I stopped, changed the IP address of pfSense and then restarted.  I have had to do this as I am getting random drop-outs when connecting through pfSense.  [I have another post on this drama under PPPoE on the forum]

So now I am of the opinion that the rule works once I have restarted it..........   I will test that ONCE I sort out the dropping out.

[AG300 died, now useing TD-8817]

Offline OzRattler

  • Newbie
  • *
  • Posts: 23
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #4 on: September 16, 2012, 08:00:30 pm »
No.  All were devices were connected through pfSense.  AG300 was not connected to the switch.  Only LAN path to the switch was through pfSense.
 
Interestingly, other rules had been failing but are now working after I stopped, changed the IP address of pfSense and then restarted.  I have had to do this as I am getting random drop-outs when connecting through pfSense.  [I have another post on this drama under PPPoE on the forum]

So now I am of the opinion that the rule works once I have restarted it..........   I will test that ONCE I sort out the dropping out.

[AG300 died, now useing TD-8817]

Offline joako

  • Full Member
  • ***
  • Posts: 139
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #5 on: September 16, 2012, 09:34:17 pm »
Try to clear states table, because if a session is established the new firewall rule will not block existing states, only prevent new ones if the match the rule.

Offline OzRattler

  • Newbie
  • *
  • Posts: 23
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #6 on: September 20, 2012, 08:17:12 pm »
Try to clear states table, because if a session is established the new firewall rule will not block existing states, only prevent new ones if the match the rule.

Thanks and shall do.   I suspect that is the case as restarting the entire network blocked other services but I confess to not seeing if MC was blocked............and with school holidays kicking off, MC might be a handy distraction for the kids. 

Offline podilarius

  • Hero Member
  • *****
  • Posts: 1763
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #7 on: September 27, 2012, 01:26:47 pm »
Are you blocking all minecraft servers? As I understand minecraft, there are many public and private servers. I don't know for sure because I have not played, but is there a central registration machine and if you have connected to it before, it saves the connection details. So even if you block access to the central meta server, you will still have to block access to these servers. Does mine craft run on a particular port or is it up to the server owner like continuum or similar? It makes it very hard to block all that with a FW. It is probably possible to block the server lists to from listing, and you would need to check each server saved and block that. Then you just have manually entered servers to worry about. Seems like for that you would need a domain and an ISA fw to block the executable.

Offline OzRattler

  • Newbie
  • *
  • Posts: 23
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #8 on: October 02, 2012, 01:37:42 am »
There are two that are specifically played - has donated to and is a MOD on.  I have those blocked and those are the ones that still get through.  I have even gone to blocking the ports but since I know the IP and ports, it should be impossible to reach them.

Offline podilarius

  • Hero Member
  • *****
  • Posts: 1763
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #9 on: October 02, 2012, 05:00:35 am »
Like others have said, if you clear the state tables after applying the block can MC still be played?

Offline OzRattler

  • Newbie
  • *
  • Posts: 23
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #10 on: April 14, 2013, 06:46:46 pm »
It has been a while and thought it ideal to pop back and update.

Clear the states manually and the session terminates.  Allow the rules to work themselves, and it does not.   This also applies to ARMA II and friends.

???

Offline podilarius

  • Hero Member
  • *****
  • Posts: 1763
    • View Profile
Re: Puzzle - Why does Minecraft get through?
« Reply #11 on: April 14, 2013, 09:02:01 pm »
Perhaps, you could use a cron job to clear states for those rules. Note sure exactly how, but it might work.