I have a hardware router running pfSense (version 2.3.2-RELEASE), and I am trying to get the Firewall configured. So far, I only have 2 ports connected, one for the WAN connection, and one for LAN. I presently only have 1 device connected on the LAN.
When I don't have any rules in the Firewall, and I try to ping Google, I get no result (as expected), and the logs show the Source IP address of the blocked connection is the LAN IP (in this case, 10.0.50.30).
However, when I create a rule in the LAN to allow connections from 10.0.50.30 to *, the Firewall logs show the Source IP address is the Router's WAN IP (in this case, 192.168.0.22), and the Interface that the rule was applied to has changed from LAN to WAN (WAN0 here, but that is just future naming for myself).
Additionally, I have opted for the Firewall Logs setting to show me the Rule that passed/blocked the connection in question; however, it only shows one of the following:
- let out anything from firewall host itself (10000010111)
- Default deny rule IPv4 (1000000103)
Does anyone know what I need to change so that when a firewall rule passes a connection, it displays the LAN IP as the Source, instead of the NAT'd WAN IP?
Best Answer
I figured out what I was doing wrong in the end.
I had to go to the Firewall > Rules page, then for each Rule I was interested in getting REAL information for, I checked the Log packets that are handled by this rule checkbox, and now when a connection is allowed out through the Firewall, the correct rule description is shown, and the actual source IP is displayed.
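
The following is an added example, not part of the original post or of pfSense itself: a small Python script that reads filterlog payloads (the comma-separated text after `filterlog:` in the raw filter log) and lists flows whose only entry is the post-NAT one on WAN, meaning the LAN rule that passed them is not logging. It assumes the documented IPv4 filterlog field order; the interface names em0/em1, the user-rule tracker 1476000000 and all sample lines are constructed.

```python
"""Find flows whose only log entry is the post-NAT one on WAN."""

# Assumed field order of an IPv4 filterlog payload (raw pfSense filter log).
COMMON = ["rule", "subrule", "anchor", "tracker", "iface", "reason",
          "action", "direction", "ipver"]
IPV4 = ["tos", "ecn", "ttl", "id", "offset", "flags", "proto_id",
        "proto", "length", "src", "dst"]

# Constructed sample payloads; em0 = WAN and em1 = LAN are assumed names.
SAMPLE = [
    # LAN rule with logging enabled: the client's own address is the source
    "7,16777216,,1476000000,em1,match,pass,in,4,0x0,,64,100,0,none,1,icmp,84,10.0.50.30,8.8.8.8,request,1,1",
    # The same flow leaving WAN after outbound NAT
    "3,16777216,,10000010111,em0,match,pass,out,4,0x0,,63,100,0,none,1,icmp,84,192.168.0.22,8.8.8.8,request,1,1",
    # Flow passed by a LAN rule without logging: only the WAN entry exists
    "3,16777216,,10000010111,em0,match,pass,out,4,0x0,,63,101,0,none,1,icmp,84,192.168.0.22,1.1.1.1,request,2,1",
]

def parse(line):
    """Split one filterlog payload into named fields; None if not IPv4."""
    parts = line.strip().split(",")
    if len(parts) < len(COMMON) + len(IPV4) or parts[8] != "4":
        return None
    return dict(zip(COMMON + IPV4, parts))

def lan_sources(lines, lan_if):
    """(action, src, dst, tracker) for packets logged inbound on LAN."""
    out = []
    for e in filter(None, map(parse, lines)):
        if e["iface"] == lan_if and e["direction"] == "in":
            out.append((e["action"], e["src"], e["dst"], e["tracker"]))
    return out

def nat_only_flows(lines, lan_if, wan_if):
    """WAN-out passes with no LAN-in entry for the same proto and dst."""
    entries = [e for e in map(parse, lines) if e]
    seen = {(e["proto"], e["dst"]) for e in entries
            if e["iface"] == lan_if and e["direction"] == "in"}
    return [(e["src"], e["dst"]) for e in entries
            if e["iface"] == wan_if and e["direction"] == "out"
            and e["action"] == "pass" and (e["proto"], e["dst"]) not in seen]

if __name__ == "__main__":
    print("Real client sources seen on LAN:", lan_sources(SAMPLE, "em1"))
    print("Only post-NAT entry logged:", nat_only_flows(SAMPLE, "em1", "em0"))
```

Matching on protocol and destination is a heuristic for a small network like the one in the question; with several clients talking to the same destination it can hide an unlogged rule.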