Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: jimba on April 02, 2023, 11:21:55 PM

Title: FW blocking IPTV mag 420
Post by: jimba on April 02, 2023, 11:21:55 PM
Hi all,

OPNSense 192.168.1.3
DNS Pihole 192.168.1.10 upstream to OPNSense running Unbound
Infomir MAG 420 IPTV 192.168.1.100
23.1_6 version

Newish user to OPNSense here.
It has been working brilliantly for me up until recently. I have been having all sorts of freezing on my IPTV box. I have GB internet and other streaming services are working perfectly. Recently I have been watching the live logs to see if I can find out what has been going on to try to troubleshoot this and have managed to narrow it down.

There seems to be a block on the LAN interface for some reason, I do not understand why as it says the source is my mag box on 192.168.1.100. I thought traffic should be allow to pass from the LAN interface to its destination. It seems to be getting caught by the default deny/state violation rule. Whenever I see this stream of red entries, I get a freeze and a black screen on my TV just after. Tracing these IPs seems to link to Google servers.  I know these boxes are Android and seem to use time.google.com for their sync but there is a direct correlation here.

Once the new LAN rule is applied, it all works well, and I see the log showing green now for the traffic 'TV allow' rule and no freezing. Then after a short while, it seems to have some traffic again being blocked by the default deny / state violation rule - and then, you guessed it, it would freeze up again!

Please help!! I really have no idea why the new rule seems to be working and (from the same source) then getting caught by the default deny floating rule again....
Title: Re: FW blocking IPTV mag 420
Post by: jimba on April 05, 2023, 08:54:57 AM
Well it seems like I had no relies to help me, here.
Managed to figure it out on my own after quite a bit of headache and some chance, I thought I'd share here.

As stated, the box is on .100. Some traffic originating from this address passes, some other does not !!

I was lying in bed using my tablet that night and it started to lose its internet connection. I had a look around and noticed the ip for the tablet was the same as for the iptv box. Which I thought shouldn't happen as there is a reservation set for it.

Digging around on here I found:

https://forum.opnsense.org/index.php?topic=23955.30 (https://forum.opnsense.org/index.php?topic=23955.30)

It seems OPNsense has an issue with a static reservation inside the DHCP pool range.
So I lowered my ending DHCP range to finish at .99 and rebooted the IPTV box.

BOOM, no more issues
.......

A headache but now working!
Text only | Text with Images