Skip to content

pfSense dropping packets from specific hosts (outdated bogons lists)

After a fresh pfSense install, I found out that traffic from specific hosts was being dropped when it should have been allowed based on the firewall rules I defined.

It turned out that the option "block bogon networks" was activated on the WAN interface, and that fresh pfSense images come with a slightly outdated bogon list.

If you are facing this problem, you have three options:

1. disable the "Block bogon networks" option at the bottom of the WAN interface page

2. after at most one week, the list will be updated automatically as long as the box is online (there is a cron entry, grep your config file for bogon)

3. if you don't want 1. and can't wait for 2, you can trigger the update process manually by running:
/etc/rc.update_bogons.sh 0
Check the output from the Status -> System Logs -> System page (I ran it from a serial console, but it should work fine by ssh or from the exec.php page too)


  • Twitter
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg pfSense dropping packets from specific hosts (outdated bogons lists)
  • Mixx pfSense dropping packets from specific hosts (outdated bogons lists)
  • Bloglines pfSense dropping packets from specific hosts (outdated bogons lists)
  • Technorati pfSense dropping packets from specific hosts (outdated bogons lists)
  • Fark this: pfSense dropping packets from specific hosts (outdated bogons lists)
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at YahooMyWeb
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at Furl.net
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at reddit.com
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at blinklist.com
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at Spurl.net
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at NewsVine
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at Simpy.com
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) at blogmarks
  • Bookmark pfSense dropping packets from specific hosts (outdated bogons lists) with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Print this article!
  • E-mail this story to a friend!
  • Identi.ca

Trackbacks

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

The author does not allow comments to this entry

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Form options