Astaro User Bulletin Board

#1
Old 07-08-2009, 08:54 PM
Senior Member
 
Join Date: Oct 2008
Posts: 133
Packet Filter blocking

I'm not sure how to read the live pf log. It is blocking online video streaming and I don't have it set for blocking any and no web filter blocking or proxy stuff enabled either.

Thanks for the help!!

This is copied text from the live log.

12:46:14 Default DROP 2 73.98.106.1 -> 224.0.0.1 len=28 ttl=1 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2
12:47:14 Default DROP 2 73.98.106.1 -> 224.0.0.1 len=28 ttl=1 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2
12:48:02 Packetfilter rule #1 TCP 192.168.1.104:2240 -> 72.14.213.104:443 [SYN] len=48 ttl=127 tos=0x00 srcmac=00:01:02:71:e8:f2 dstmac=00:40:f4:58:9c:a7
12:48:13 SSH connection attempt TCP 24.72.76.8:61578 -> 24.22.214.90:22 [SYN] len=60 ttl=49 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2
12:48:14 Default DROP 2 73.98.106.1 -> 224.0.0.1 len=28 ttl=1 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2
12:49:14 Default DROP 2 73.98.106.1 -> 224.0.0.1 len=28 ttl=1 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2
#2
Old 07-08-2009, 09:34 PM
Super Moderator
 
Join Date: Feb 2009
Location: In a galaxy far far away
Posts: 762

OK, to start with, you need to provide some info whenever you post a question, bug, etc.
What are the IPs displayed? Are any of them the external IP (WAN)? The ports that, according to your log, are blocked are HTTPS and SSH.

You have to set an allow rule to enable traffic to go through the firewall. By default it will block all traffic.
#3
Old 07-08-2009, 10:13 PM
Senior Member
 
Join Date: Oct 2008
Posts: 133

I'd give the info if I knew it, and it does show the IP already.
I already have a rule to allow any.
Notice I said that I don't know how to read this. (((
Ok, lol, sorry. 192 is the only internal IP.

Last edited by buggs1a; 07-08-2009 at 10:16 PM.
#4
Old 07-08-2009, 11:12 PM
Moderator
 
Join Date: Mar 2007
Location: Oklahoma City
Posts: 4,954

Quote:
12:47:14 Default DROP 2 73.98.106.1 -> 224.0.0.1 len=28 ttl=1 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2
73.98.106.1 is not allowed to multicast.

Quote:
12:48:02 Packetfilter rule #1 TCP 192.168.1.104:2240 -> 72.14.213.104:443 [SYN] len=48 ttl=127 tos=0x00 srcmac=00:01:02:71:e8:f2 dstmac=00:40:f4:58:9c:a7
Your first packet filter rule is set to log passes, and it allowed your PC to contact 72.14.213.104 on port 443.

Quote:
12:48:13 SSH connection attempt TCP 24.72.76.8:61578 -> 24.22.214.90:22
Someone at 24.72.76.8 is trying to SSH into the device at 24.22.214.90.

Cheers - Bob
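The reply above reads the three kinds of entry by hand. The following is an added Python example (not from this thread and not Astaro code) that does the same reading mechanically: it splits text copied from the live log back into entries, parses the fields, and labels each entry from the packet itself. IP protocol 2 is IGMP, 224.0.0.1 is the all-hosts multicast group, and a 28-byte IGMP packet with ttl=1 is a membership query from the next-hop router, so the "Default DROP 2" lines are the ISP's gateway polling for multicast listeners, unrelated to web traffic; "Packetfilter rule #N" entries are matches of a rule that has logging turned on; a SYN to port 22 from a non-private source is an inbound SSH attempt. The field names, the labels (igmp-query, rule-match, ssh-attempt, other) and the SAMPLE text are this example's own; SAMPLE is constructed from the lines pasted in post #1, including the line wrapping the browser copy produces.

```python
"""Read entries copied from the Astaro ASG live packet filter log and say
what each one is. Added example for this thread, not Astaro code; field and
label names are this example's own, SAMPLE is constructed from post #1."""
import ipaddress
import re
from collections import Counter

# Copying from the browser wraps each entry over several lines, so entries
# are split on the HH:MM:SS that starts each one and the body is re-joined.
_SPLIT = re.compile(r"^(\d\d:\d\d:\d\d)\s+(.*?)(?=^\d\d:\d\d:\d\d|\Z)", re.S | re.M)

_IP = r"\d{1,3}(?:\.\d{1,3}){3}"
_ENTRY = re.compile(
    r"^(?P<rule>.+?)\s+(?P<proto>TCP|UDP|ICMP|\d+)\s+"
    rf"(?P<src>{_IP})(?:\s*:\s*(?P<sport>\d+))?\s+(?:->\s+)?"
    rf"(?P<dst>{_IP})(?:\s*:\s*(?P<dport>\d+))?\s*"
    r"(?P<flags>\[[A-Z, ]+\])?\s*(?P<kv>(?:\w+=\S+\s*)*)$"
)

# The live log prints the IANA protocol number when it has no name for it.
_PROTO_NAMES = {"1": "ICMP", "2": "IGMP", "6": "TCP", "17": "UDP"}


def parse_live_log(text):
    """Return one dict per entry; raise ValueError on an entry we can't read."""
    entries = []
    for ts, body in _SPLIT.findall(text):
        body = " ".join(body.split())  # undo the copy/paste line wrapping
        if not body:
            continue
        m = _ENTRY.match(body)
        if m is None:
            raise ValueError(f"unparsed entry at {ts}: {body!r}")
        e = {k: v for k, v in m.groupdict().items() if v is not None}
        e["time"] = ts
        e["proto"] = _PROTO_NAMES.get(e["proto"], e["proto"])
        for k in ("sport", "dport"):
            if k in e:
                e[k] = int(e[k])
        e["flags"] = e.get("flags", "").strip("[]").replace(",", " ").split()
        for kv in e.pop("kv").split():  # len=28 ttl=1 tos=0x00 srcmac=... dstmac=...
            key, _, val = kv.partition("=")
            if key in ("len", "ttl", "tos"):
                val = int(val, 16) if val.startswith("0x") else int(val)
            e[key] = val
        entries.append(e)
    return entries


def classify(e):
    """Label an entry from its packet fields alone (no reliance on UI colours)."""
    src, dst = ipaddress.ip_address(e["src"]), ipaddress.ip_address(e["dst"])
    if e["proto"] == "IGMP" and dst.is_multicast:
        # 224.0.0.1 is the all-hosts group; a 28-byte IGMP packet (20 IP +
        # 8 IGMP) with ttl=1 is a membership query from the next-hop router.
        return "igmp-query"
    if e["rule"].startswith("Packetfilter rule #"):
        return "rule-match"
    if e.get("dport") == 22 and not src.is_private:
        return "ssh-attempt"
    return "other"


def explain(e):
    """One plain-English line per entry, like the replies in this thread."""
    label = classify(e)
    src = f"{e['src']}:{e['sport']}" if "sport" in e else e["src"]
    dst = f"{e['dst']}:{e['dport']}" if "dport" in e else e["dst"]
    if label == "igmp-query":
        return f"{e['time']} {src} sent an IGMP query to {dst} (all-hosts); dropped by '{e['rule']}', unrelated to web traffic"
    if label == "rule-match":
        return f"{e['time']} {e['rule']} matched {e['proto']} {src} -> {dst} (the rule is set to log)"
    if label == "ssh-attempt":
        return f"{e['time']} {src} tried to SSH into {dst} ({e['rule']})"
    return f"{e['time']} {e['rule']} {e['proto']} {src} -> {dst}"


def summarize(text):
    """Count entries by label, to see at a glance what the log is full of."""
    return Counter(classify(e) for e in parse_live_log(text))


# Constructed from the entries pasted in post #1, wrapping included.
SAMPLE = """\
12:46:14 Default DROP 2
73.98.106.1

224.0.0.1

len=28 ttl=1 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2
12:48:02 Packetfilter rule #1 TCP
192.168.1.104 : 2240

72.14.213.104 : 443

[SYN] len=48 ttl=127 tos=0x00 srcmac=00:01:02:71:e8:f2 dstmac=00:40:f4:58:9c:a7
12:48:13 SSH connection attempt TCP
24.72.76.8 : 61578

24.22.214.90 : 22

[SYN] len=60 ttl=49 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2
"""

if __name__ == "__main__":
    for entry in parse_live_log(SAMPLE):
        print(explain(entry))
    print(dict(summarize(SAMPLE)))
```

The parser also accepts entries already on one line (with or without a "->" between source and destination), so the same functions work on a log that has been tidied up after copying. A repeated "Default DROP" of IGMP from the upstream gateway is the normal background of a cable or DSL uplink and is not the cause of a streaming failure on an internal client; the entries worth looking at for that problem are the ones that carry the client's address.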
#5
Old 07-08-2009, 11:48 PM
Senior Member
 
Join Date: Oct 2008
Posts: 133

The stuff worked from the Mac but not the iPod touch.
Stuff used to work on the iPod before Astaro, and with my any rule at #1 I don't see what's wrong.

Is it possible to set up my iPod as DMZ? And my Mac, can I make that DMZ also?
#6
Old 07-09-2009, 12:02 AM
Moderator
 
Join Date: Mar 2007
Location: Oklahoma City
Posts: 4,954

They each can be given exceptions where necessary. What were you trying to do when you captured the lines above? Do you have the HTTP/S Proxy enabled?

Cheers - Bob
#7
Old 07-09-2009, 12:16 AM
Senior Member
 
Join Date: Oct 2008
Posts: 133

HTTP proxy is on transparent, default. What do you mean, when I captured the above info?
Streaming video from a user's iPod touch was blocked. Then I tested on a MacBook Pro and it worked. However, before Astaro the iPod had no issues with any streaming video.

Just noticed the external IP.
This is the latest live pf log.
The .251 IP is the iPod touch. Clicking to view streaming video loads the 209 IP in the Safari URL bar, which according to the pf log is allowed, right? Then I get an error saying the server is not configured correctly and the media won't load. It worked before Astaro; now, with the any service, any destination, source internal rule, I am confused, as it should work, I think. Packetfilter rule #1 is the allow-anything rule.

I don't know what the other IP in the log means, especially DROP 2. The second rule in the packet filter is internal, any, DNS allow, added by the installation wizard.

16:16:43 Packetfilter rule #1 TCP 192.168.1.251:49860 -> 209.85.147.109:993 [SYN] len=64 ttl=63 tos=0x00 srcmac=00:01:02:71:e8:f2 dstmac=00:40:f4:58:9c:a7
16:16:44 Packetfilter rule #1 TCP 192.168.1.251:49861 -> 209.85.147.109:993 [SYN] len=64 ttl=63 tos=0x00 srcmac=00:01:02:71:e8:f2 dstmac=00:40:f4:58:9c:a7
16:16:46 Packetfilter rule #1 TCP 192.168.1.251:49862 -> 209.85.147.109:993 [SYN] len=64 ttl=63 tos=0x00 srcmac=00:01:02:71:e8:f2 dstmac=00:40:f4:58:9c:a7
16:17:16 Default DROP 2 73.98.106.1 -> 224.0.0.1 len=28 ttl=1 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2
16:18:16 Default DROP 2 73.98.106.1 -> 224.0.0.1 len=28 ttl=1 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:01:02:71:e8:f2

Last edited by buggs1a; 07-09-2009 at 12:26 AM.
#8
Old 07-09-2009, 09:00 PM
Senior Member
 
Join Date: Oct 2008
Posts: 133

I wonder if AV scanning is doing anything. On my iPod touch I tried to stream and up came the scanning download page. The vid wouldn't work. I don't have the AV set for streaming media either. So this just makes me wonder, because this doesn't happen when trying to stream from some stuff. The Apple iPod thinks something is broken or something and won't play video. I guess for testing I could create a rule to say no scanning at all on the iPod touch, but I forget where to do that. I have to go hunting.
#9
Old 07-11-2009, 08:01 PM
Senior Member
 
Join Date: Oct 2008
Posts: 133

Still can't figure this out. No streaming video works on my iPod. Not even YouTube.
#10
Old 07-11-2009, 11:52 PM
Senior Member
 
Join Date: Oct 2008
Posts: 133

I had to enable my no-scanning, no-security rule that I have for game consoles; I had to add my iPod to it since I can't find the cause.