QuFirewall - The number of packets denied access has reached the limit of 30.

Don't miss a thing. Post your questions and discussion about other uncategorized NAS features here.
Post Reply
RobLatour
Starting out
Posts: 22
Joined: Sat Nov 26, 2016 12:49 am

QuFirewall - The number of packets denied access has reached the limit of 30.

Post by RobLatour » Tue Nov 17, 2020 4:25 am

I installed Security Counselor and QuFirewall last week and keep getting this message "The number of packets denied access has reached the limit of 30." again and again. Also QuFirewalls says "Denied access to 2641 packets in the last 24 hours.".

Not sure what this all means? Is it normal? Any actions I should be taking?

User avatar
dolbyman
Guru
Posts: 20463
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by dolbyman » Tue Nov 17, 2020 4:44 am

is you NAS exposed to WAN ?

djwoody
Starting out
Posts: 18
Joined: Sat Jan 14, 2017 5:36 pm

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by djwoody » Tue Nov 17, 2020 8:53 pm

I also have these messages. Very annoying.
Looks like it relating to the IP 127.0.0.1.

I can change the notification settings to not see them every hour but I am curious, why are they coming up and how to fix the error.

User avatar
dolbyman
Guru
Posts: 20463
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by dolbyman » Tue Nov 17, 2020 9:54 pm

open a ticket with qnap and ask them

infovisats
First post
Posts: 1
Joined: Fri Jan 18, 2019 8:46 pm

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by infovisats » Sun Nov 22, 2020 9:24 pm

Same here, my Nas is sending the "[QuFirewall] The number of packets denied access has reached the limit of 30" message every hour after upgrading to last firmware.
Qnap 431x2

masher_uk
New here
Posts: 4
Joined: Mon Nov 23, 2020 1:34 am

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by masher_uk » Mon Nov 23, 2020 1:42 am

Hi, Newbie here. I'm getting the same issue. Any guidance appreciated - thanks.

TS-453B, No WAN access, 'Include Subnets only' selected, ie:

All Any ANY 127.0.0.1/32 Allow
Adapter 1 Any ANY 192.168.1.0/24 Allow
Application (0) Allow
All Any ANY Any Deny
IP access protection (0) Deny

masher_uk
New here
Posts: 4
Joined: Mon Nov 23, 2020 1:34 am

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by masher_uk » Thu Nov 26, 2020 7:07 am

OK so I’ve done some more investigating using the ‘Capture Events’ facility within QU Firewall and discovered that the source of the problem is my two Sony smart TVs which are repeatedly sending out the following DHCP requests (70 each per half hour):
Nov 25 12:58:23 MASTER RULE=2 ACT=DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:38:18:4c:xx:xx:xx:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=330 TOS=10 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=68 DPT=67 LEN=310 MARK=0
Nov 25 12:58:28 MASTER RULE=2 ACT=DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:04:5d:4b:yy:yy:yy:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=318 TOS=10 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=68 DPT=67 LEN=298 MARK=0

DHCP is provided by my Netgear router and not the NAS. Here’s the QU Firewall Profile:
Interface Service Port Protocol Source Permission
Adapter 1 Any ANY 192.168.1.0/24 Allow
Application (0) Allow
All Any ANY Any Deny
IP access protection (0) Deny

I don't seem to be able to disable them at source so any help how to filter these out appreciated. Interestingly, they are only generated when the TV is in ‘Standby’ and not ‘On’ – weird!

Mousetick
Easy as a breeze
Posts: 410
Joined: Thu Aug 24, 2017 10:28 pm

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by Mousetick » Thu Nov 26, 2020 8:11 am

masher_uk wrote:
Thu Nov 26, 2020 7:07 am
I don't seem to be able to disable them at source so any help how to filter these out appreciated.
You need to allow source=0.0.0.0 and destination=255.255.255.255 for TCP and UDP (ports 67 and 68 if you want to restrict to DHCP). These are perfectly valid addresses, used for broadcast on the LAN.

Why do you folks insist on using this firewall? Being released only recently and at version 1.0, it's shouldn't be surprising it's still not fully baked and quite a bit rough around the edges. Unless you enjoy being the beta testers, in which case you should be prepared to deal with the issues.

masher_uk
New here
Posts: 4
Joined: Mon Nov 23, 2020 1:34 am

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by masher_uk » Fri Nov 27, 2020 5:57 am

@Mousetick - many thanks for your help, this has fixed it!

I take your point regarding the newness of QU Firewall although in fairness it isn't billed as 'for beta testers'; is there an alternative you'd recommend?

Mousetick
Easy as a breeze
Posts: 410
Joined: Thu Aug 24, 2017 10:28 pm

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by Mousetick » Fri Nov 27, 2020 8:23 am

masher_uk wrote:
Fri Nov 27, 2020 5:57 am
I take your point regarding the newness of QU Firewall although in fairness it isn't billed as 'for beta testers'; is there an alternative you'd recommend?
Perhaps not "beta testers" litterally, but for "early adopters" if you prefer.

As an alternative, I don't know what purpose you want to achieve, but I would think you don't need any. The firewall that's buit into your Internet router already does the job, and isn't nagging you with useless warnings about legit network traffic.

That's just my opinion, so take it for what it's worth - that is not much.

masher_uk
New here
Posts: 4
Joined: Mon Nov 23, 2020 1:34 am

Re: QuFirewall - The number of packets denied access has reached the limit of 30.

Post by masher_uk » Sat Nov 28, 2020 2:06 am

OK thanks.

Post Reply

Return to “Miscellaneous”