I have a hardware router running pfSense (version 2.3.2-RELEASE), and I am trying to get the Firewall configured. So far, I only have 2 ports connected, one for the WAN connection, and one for LAN. I presently only have 1 device connected on the LAN.

When I don't have any rules in the Firewall, and I try to ping Google, I get no result (as expected), and the logs show the Source IP address of the blocked connection is the LAN IP (in this case, 10.0.50.30).

However, when I create a rule in the LAN to allow connections from 10.0.50.30 to *, the Firewall logs show the Source IP address is the router's WAN IP (in this case, 192.168.0.22), and the Interface that the rule was applied to has changed from LAN to WAN (WAN0 here, but that is just future naming for myself).

Additionally, I have opted for the Firewall Logs setting to show me the Rule that passed/blocked the connection in question; however, it only shows one of the following:

  • let out anything from firewall host itself (10000010111)
  • Default deny rule IPv4 (1000000103)

[Image: screenshot from the firewall logs]

Does anyone know what I need to change so that when a firewall rule passes a connection, it displays the LAN IP as the Source, instead of the NAT'd WAN IP?

topherg

1 Answer

I figured out what I was doing wrong in the end.

I had to go to the Firewall > Rules page, then for each Rule I was interested in getting REAL information for, I checked the "Log packets that are handled by this rule" checkbox. Now when a connection is allowed out through the Firewall, the correct rule description is shown, and the actual source IP is displayed.

[Image: the "Log packets that are handled by this rule" option]

[Image: the Firewall log showing the entry for the passed rule]

topherg
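
The two log views discussed in this thread (the LAN-side source before NAT and the WAN-side source after NAT) can also be told apart when reading raw log lines. The following is an added example, not part of the original post or of pfSense itself: it assumes the raw filterlog CSV field order for IPv4, and the sample lines, the interface names em0/em1 and tracker 1478000001 are constructed.

```python
from typing import NamedTuple, Optional

# Constructed sample lines. Assumed IPv4 layout of a raw filterlog entry:
# rule,subrule,anchor,tracker,iface,reason,action,dir,ipver,tos,ecn,ttl,id,
# offset,flags,proto-id,proto,length,src,dst,...
# em0 (WAN), em1 (LAN) and tracker 1478000001 are made up for this example;
# the other two tracker values are the ones quoted in the question.
SAMPLE = """\
9,,,1000000103,em1,match,block,in,4,0x0,,64,4660,0,none,1,icmp,84,10.0.50.30,8.8.8.8,request,512,1
71,,,1478000001,em1,match,pass,in,4,0x0,,64,4661,0,none,1,icmp,84,10.0.50.30,8.8.8.8,request,512,2
68,,,10000010111,em0,match,pass,out,4,0x0,,63,4661,0,none,1,icmp,84,192.168.0.22,8.8.8.8,request,9731,2
"""

class Entry(NamedTuple):
    tracker: str
    iface: str
    action: str
    direction: str
    proto: str
    src: str
    dst: str

def parse(line: str) -> Optional[Entry]:
    f = line.strip().split(",")
    if len(f) < 20 or f[8] != "4":      # only the IPv4 layout is handled
        return None
    return Entry(f[3], f[4], f[6], f[7], f[16], f[18], f[19])

def nat_views(lines, lan_if, wan_if):
    """Pair each passed LAN 'in' entry with the next passed WAN 'out' entry
    for the same destination and protocol (a heuristic, not a state lookup).
    Returns (inside_src, natted_src, dst, lan_tracker, wan_tracker) tuples."""
    pending, pairs = [], []
    for e in filter(None, map(parse, lines)):
        if e.action != "pass":
            continue
        if e.iface == lan_if and e.direction == "in":
            pending.append(e)           # logged only if the LAN rule has logging on
        elif e.iface == wan_if and e.direction == "out":
            match = next((p for p in pending
                          if (p.dst, p.proto) == (e.dst, e.proto)), None)
            if match:
                pending.remove(match)
                pairs.append((match.src, e.src, e.dst, match.tracker, e.tracker))
    return pairs

if __name__ == "__main__":
    for row in nat_views(SAMPLE.splitlines(), lan_if="em1", wan_if="em0"):
        print("inside %s -> seen on WAN as %s -> %s (rules %s / %s)" % row)
```

Without the per-rule log option enabled, the LAN-side "pass, in" line is never written, so only the WAN-side entry with the translated source is available to pair.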