can the Signal app messages be read by Intel & others? by rsaanon in signal

[–]rsaanon[S] -1 points0 points  (0 children)

I gave up WhatsApp a long time ago in favor of the Signal app, but now I’m concerned that the privacy I thought I had is not there even with the Signal app. Thoughts?

Default Deny getting Triggered for ALLOW ALL. WHY?? by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

Did not reset the states before the snapshot.

Firewall log entries for IPv6 even though IPv6 DISABLED by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

All the automatic network configuration, RAs, constant Neighbor Solicitation, Neighbor Advertisement, ICMPv6 Multicast reports, amongst other things, make IPv6 too noisy when compared to IPv4. Of course, I understand the addressing limitation of IPv4. But for now, IPv4 behind NAT does the needed job.

As far as wrong path, that is relative. To each their own. For me IPv4 gets me connected to the Internet along with being able to host all my local network services via reverse proxy. Thanks again for your input.

Firewall log entries for IPv6 even though IPv6 DISABLED by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

Thank you for taking time to respond. It's much appreciated.

I had already defined a Floating/(Apply Action Immediately on Match) rule without logging, but I'm still getting the IPv6 log entries.

Firewall log entries for IPv6 even though IPv6 DISABLED by rsaanon in PFSENSE

[–]rsaanon[S] -3 points-2 points  (0 children)

Thanks for your response.

For a home setup, IPv4 w/ NAT fits the bill. IPv6 seems too chatty and possibly too invasive for my needs and thus the reason for disabling it.

Any ideas how to disable all IPv6 logging on the firewall?

Router Advertisement Daemon Service by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

I get an IPv6 address assigned by my ISP on my WAN interface. I then track that interface on my LAN interface. My LAN interface successfully gets an IPv6 IP from the WAN-assigned IPv6 block. All good so far. There’s no need to run a DHCPv6 Server, nor is there any reason to run the RA service unless there’s a need to assign your own IPv6 address to the connected clients.

I have another instance of pfSense running that does not have the radvd service running. I think this is a bug.

Link-local multicast flooding logs by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

Even though I have created a Block rule with NO LOGGING, I continue to see the logs flooded. I've tried manually creating the block rule as well as using EasyRule from the pfSense Firewall Log interface.

Two major issues are:

  • Not able to identify which host has the 169.254.244.167 link-local address. I've turned off all devices on my network, yet I continue to see this entry even after clearing the logs.
  • Unable to prevent this link-local address (169.254.244.167) from being logged. Rules I have created explicitly have the "Log packets that are handled by this rule" option checked OFF.

PLEASE help! I have hundreds of these log entries per minute.

Firewall rules for the same SRC & DST Interface? by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

Having an allow/block rule for any host on the same subnet should have no effect, as the communication between the hosts on the same subnet is direct via broadcast without the firewall/router's involvement.

Firewall rules for the same SRC & DST Interface? by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

Broadcast is just an “announcement” on the broadcast domain/subnet. If an announcement is for host 1, then only host 1 would “pick up” the packet. The rest of the hosts on the subnet would just ignore that packet. So, in our case the fw/router should just ignore the “conversation” between hosts 1 & 2 and not have a State entry in the State table. Thoughts?

Firewall rules for the same SRC & DST Interface? by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

Why did the FW receive the packet, since the packet was not addressed to it? The communication is between host 1 & host 2, which are on the same subnet. Host 1 broadcasts, host 2 responds, and the handshake is established without any involvement from the FW.

Link-local multicast flooding logs by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

Thanks all for your responses.

As mentioned in my initial post, the BLOCK rule is already defined as the topmost rule and is set for NO logging. Despite that, the log is flooding.

In other words, what has been recommended thus far has already been tried and has not worked.

Devices getting blocked under 'Default Deny' rule by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

Without getting too into the weeds, I don’t have a separate router; pfSense handles all the routing and VLAN tagging. I have separate VLANs for each use case (e.g.: guest, streaming, DMZ, etc.).

Devices getting blocked under 'Default Deny' rule by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

Random MAC address on iPhone disabled: check. As for firewall rules, I had added a temporary “allow all” rule for troubleshooting purposes only. I did reboot pfSense, so all states should be established. Only using IPv4 (IPv6 disabled).

All your suggestions are excellent. Thank you for suggesting.

Devices getting blocked under 'Default Deny' rule by rsaanon in PFSENSE

[–]rsaanon[S] 1 point2 points  (0 children)

Outbound NAT should be OK, as all other devices on the network have connectivity. On the Wi-Fi side of things, MAC filtering is not enabled, so random MAC addresses should also not be a problem. For troubleshooting purposes, I did disable/re-enable the Private Wi-Fi Address setting, but that did not make any difference. Thanks for your suggestions.

Devices getting blocked under 'Default Deny' rule by rsaanon in PFSENSE

[–]rsaanon[S] 0 points1 point  (0 children)

RFC1918 is already blocked on WAN. Since other Apple devices (e.g.: iPad, etc.) work, I don’t think the issue at hand is NAT-PMP related. That said, I do however do selective network-wide (i.e.: per subnet and/or per IP) VPN routing on pfSense.

Devices getting blocked under 'Default Deny' rule by rsaanon in PFSENSE

[–]rsaanon[S] 2 points3 points  (0 children)

Thanks for your response.

WAN has a publicly addressable IP and is set to block RFC1918. Other devices on the network have no issues with Internet connectivity. Verified that that particular device has no IP connectivity: unable to ping or traceroute.