2 parts, the important part is question 2.
I have pfsense 2.0.1 running in a VM, works fine. Installed the unbound DNS server. Kind of just forgot about it, because it's running great, logged in, and found in pftop that unbound is doing the following:

18:25:05.185579 IP 75.126.6.82.53 > 72.251.250.98.80: 53936 27/0/12 SOA[|domain]
18:25:05.185586 IP 75.126.6.82 > 72.251.250.98: udp
18:25:05.185743 IP 75.126.6.82 > 72.251.250.98: udp
18:25:05.508231 IP 72.251.250.98.80 > 75.126.6.82.53: 53940+ [1au] ANY? isc.org.

Over and over and over, 11GB worth of data so far...

So Question 1 is why.

Question 2: But the more specific pfsense part is: I have a floating rule that says block quick on the WAN interface, all traffic both directions, any protocol, with 72.251.250.0/24, and log it. It's the first rule in the floating rule section.

From pfctl -sr:

block drop log quick on em0 inet from 72.251.250.0/24 to any label "USER_RULE: FLT -- block excessive traffic from .98"

However, nothing is logged, and the traffic is still going up. I have reloaded the filter ruleset. What am I missing?
