Return to Level1Techs.com

pfSense port 80 becomes filtered on specific host after logins

#1

I’ve written a script that I’d like to run as a cronjob (maybe once a day) to back up my pfSense configuration / XML files. It includes the wget statements as in the following documentation –

https://docs.netgate.com/pfsense/en/latest/backup/remote-config-backup.html

And here’s the script –

Problem is, when I execute it a couple times from my host, suddenly port 80 becomes filtered.

(base) [email protected]:~# nmap -p 80 192.168.1.90

Starting Nmap 7.60 ( https://nmap.org ) at 2019-06-07 15:52 EDT
Nmap scan report for 192.168.1.90
Host is up (0.00054s latency).

PORT   STATE SERVICE
80/tcp open  http
MAC Address: 52:54:00:8D:0B:9D (QEMU virtual NIC)

Nmap done: 1 IP address (1 host up) scanned in 0.68 seconds

From a different host, however,

[email protected]:~# nmap -p 80 pfsense

Starting Nmap 7.60 ( https://nmap.org ) at 2019-06-07 19:13 UTC
Nmap scan report for pfsense (192.168.1.90)
Host is up (0.00093s latency).
rDNS record for 192.168.1.90: pfsense.bjd2385.com

PORT   STATE SERVICE
80/tcp open  http
MAC Address: 52:54:00:8D:0B:9D (QEMU virtual NIC)

Nmap done: 1 IP address (1 host up) scanned in 0.56 seconds

Port shows as open. Is there something that pfSense may be doing to block logins after so many? I can’t seem to find anything on it by Googling.

0 Likes

#2

I’d also note that, I’m aware, in that script, that I think I could have source'd my .profile instead of writing out all of the paths, but it’ll do for now.

0 Likes

#3

You could try disabling HTTP_REFERER enforcement in the advanced settings, I’m not sure if that would helps but it sounds like it might.

0 Likes

#4

Thanks for this suggestion!

I’ve checked out that page and I’m not sure if adding the IP I’m making these login (backup) requests from to the whitelist has resolved it, or if that was the original problem, but it seems to be working now.

(base) [email protected]:~/cronscripts# zfs list -t snapshot -ro name /homePool/home/VMs/pfSenseBackups
NAME
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]
homePool/home/VMs/[email protected]

Getting successful backups now every time I run it.

0 Likes