
[help]60001 again!

2013:03:23-16:05:27 UTM ulogd[4440]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="4c:ac:a:12:14:4c" dstmac="0:22:15:33:22:fa" srcip="92.238.83.22" dstip="192.168.2.248" proto="17" length="105" tos="0x00" prec="0x00" ttl="115" srcport="15402" dstport="6112" 
2013:03:23-16:05:27 UTM ulogd[4440]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="4c:ac:a:12:14:4c" dstmac="0:22:15:33:22:fa" srcip="175.136.108.112" dstip="192.168.2.248" proto="17" length="108" tos="0x00" prec="0x00" ttl="107" srcport="6112" dstport="6112" 


How can I fix this? I already made those rules to accept the following traffic:
those ports:
0:65###(full range) to 6112
6112 to 6112
6112 to full range
are allowed from any to any. (Can't access the exact rules, needed to bypass as soon as possible.)
But it still gets dropped by rule 60001. What can I do to avoid this?


  • I am not sure what is relevant to solve this issue, so here is something to begin with:
    internal subnet: 192.168.254.0/24
    external subnet: 192.168.2.0/24
    I have a DMZ with this IP, since I can neither bridge nor replace the ISP router.
    Well, let's begin with the configuration:
    NAT:
    masquerading: internal (network) > external interface (primary address)
    No other NAT rules are in place (disabled them to see if it helps fix this issue).
    Other modules:
    All modules have been disabled and the ASG restarted - no result.
    The only module left active is the firewall, with a rule in place to allow everything from anywhere to anywhere, also temporarily, to conquer this issue.
    Firewall:
    From the ~200 lines of firewall log, only 10 are not from rule "60001".

    2013:05:06-16:35:49 UTM-Frank ulogd[4463]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:22:15:dd:81:16" dstmac="0:c:f6:d:e5:72" srcip="192.168.254.2" dstip="192.168.254.1" proto="17" length="69" tos="0x00" prec="0x00" ttl="128" srcport="53708" dstport="53" 
    2013:05:06-16:35:49 UTM-Frank ulogd[4463]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:22:15:dd:81:16" dstmac="0:c:f6:d:e5:72" srcip="192.168.254.2" dstip="192.168.254.1" proto="17" length="67" tos="0x00" prec="0x00" ttl="128" srcport="56130" dstport="53" 
    2013:05:06-16:35:49 UTM-Frank ulogd[4463]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:22:15:dd:81:16" dstmac="0:c:f6:d:e5:72" srcip="192.168.254.2" dstip="192.168.254.1" proto="17" length="70" tos="0x00" prec="0x00" ttl="128" srcport="58534" dstport="53" 
    2013:05:06-16:35:49 UTM-Frank ulogd[4463]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:22:15:dd:81:16" dstmac="0:c:f6:d:e5:72" srcip="192.168.254.2" dstip="192.168.254.1" proto="17" length="64" tos="0x00" prec="0x00" ttl="128" srcport="64030" dstport="53" 

    Those are just 3 out of 50 log lines I have. They are all for dropping DNS.
    I am not sure why, since DNS worked before (tried nslookup when I saw this, not working).

    My DNS config is as follows:
    allowed networks: Internal (network)
    forwarders: 8.8.4.4/8.8.8.8
    "Use Forwarders assigned by ISP" is unchecked
    no request routes
    2 static entries for my 2 static DHCP leases
  • Under Interfaces -> : Is the checkbox "Default Gateway" marked?

    Is anything configured under Interfaces -> Uplink balancing?

    What's the output from Support -> Tools -> Traceroute -> "google.de"?
    Can you post the Routes Table from Support -> Advanced?
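Added example, not part of the thread and not the product's own tooling: a small Python triage script that parses packetfilter lines in the `key="value"` layout quoted above and counts drops per rule, inbound interface, protocol and destination, which shows quickly which flows one rule id such as 60001 is catching. The sample lines are constructed (host name, PIDs and RFC 5737 addresses are made up), and the function names are this example's own.

```python
import re
from collections import Counter

# Constructed sample in the key="value" layout of the log lines quoted in the
# thread; host name, PIDs and addresses (RFC 5737 ranges) are made up.
SAMPLE_LOG = """\
2013:05:06-16:35:49 fw ulogd[1]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcip="192.0.2.2" dstip="192.0.2.1" proto="17" srcport="53708" dstport="53"
2013:05:06-16:35:49 fw ulogd[1]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcip="192.0.2.2" dstip="192.0.2.1" proto="17" srcport="56130" dstport="53"
2013:05:06-16:35:50 fw ulogd[1]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcip="192.0.2.3" dstip="192.0.2.1" proto="17" srcport="58534" dstport="53"
2013:05:06-16:35:51 fw ulogd[1]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="203.0.113.9" dstip="198.51.100.248" proto="17" srcport="15402" dstport="6112"
2013:05:06-16:35:52 fw ulogd[1]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="203.0.113.7" dstip="198.51.100.248" proto="1"
2013:05:06-16:35:53 fw ulogd[1]: sub="packetfilter" name="Packet accepted" action="accept" fwrule="1" initf="eth0" srcip="192.0.2.2" dstip="203.0.113.5" proto="6" srcport="40000" dstport="443"
2013:05:06-16:35:54 fw ulogd[1]: truncated line without fields
"""

FIELD_RE = re.compile(r'(\w+)="([^"]*)"')
PROTO_NAMES = {"1": "icmp", "6": "tcp", "17": "udp"}  # IANA protocol numbers

def parse_line(line):
    """Return the key="value" fields of a packetfilter line, else None."""
    fields = dict(FIELD_RE.findall(line))
    return fields if fields.get("sub") == "packetfilter" else None

def summarize_drops(text):
    """Count drops per (fwrule, initf, proto, dstip, dstport)."""
    counts = Counter()
    for line in text.splitlines():
        f = parse_line(line)
        if f is None or f.get("action") != "drop":
            continue  # skip accepted packets and lines that are not parseable
        proto = PROTO_NAMES.get(f.get("proto", ""), f.get("proto", "?"))
        # ICMP and other port-less protocols carry no dstport field
        counts[(f.get("fwrule", "?"), f.get("initf", "?"), proto,
                f.get("dstip", "?"), f.get("dstport", "-"))] += 1
    return counts

def drops_by_rule(counts):
    """Collapse the per-flow counts to a total per fwrule id."""
    totals = Counter()
    for (rule, *_), n in counts.items():
        totals[rule] += n
    return totals

if __name__ == "__main__":
    summary = summarize_drops(SAMPLE_LOG)
    print("drops per rule:", dict(drops_by_rule(summary)))
    for (rule, initf, proto, dstip, dport), n in summary.most_common():
        print(f"{n:4d}  fwrule={rule} in={initf} {proto} -> {dstip}:{dport}")
```

To use it on a real log, pass the file's text to `summarize_drops()` instead of `SAMPLE_LOG`.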