OPNsense Forum

English Forums => 24.7, 24.10 Legacy Series => Topic started by: stefan00 on November 19, 2024, 01:18:13 PM

Title: [solved] No NAT states in FW->LiveView anymore
Post by: stefan00 on November 19, 2024, 01:18:13 PM
Hi everyone,

No matter what I try, I cannot get (the "blue") NAT states in the FW LiveView (anymore).

NAT itself works!

Unfortunately, I cannot narrow down since when this has been happening, because I usually have most NAT logging off (except for VPN stuff). So this post goes into the 24.7 forum, but it could have been an issue for a while.

I came across the issue when playing a bit with NPTv6 - same thing. NAT states not visible.

Tried:
- switching from Hybrid to Manual NAT, generating a rule and enabling logging
- turning on FW->Settings->"Log packets matched by automatic outbound NAT rules"
- enabling/disabling FW->Settings->"Disable automatic rules which force local services to use the assigned interface gateway."
- switching from Business Edition to the latest Community Edition for testing

Some specs:
- using VLANs
- OPNsense 24.7.8-amd64

Does anyone have an idea on where to start looking? The problem sounds pretty crazy to me.

best & thanks,
stefan

Title: Re: No NAT states in FW->LiveView anymore
Post by: stefan00 on November 20, 2024, 10:51:45 AM
I guess I found some starting point to the issue:

It seems that in FW->Diagnostics->States->Rules the NAT rules are present (and logged?). At least that's my understanding of this table.

In the FW->Logging->LiveView table, the NAT entry is present but 1) has no rule label displayed, 2) is labeled pass (green) instead of NAT (blue).

Log sequence with hybrid NAT rules enabled:

(https://www.gateeight.de/pub/72Gds6bCFvs4l8Hv/liveview1.jpg)
(https://www.gateeight.de/pub/72Gds6bCFvs4l8Hv/rules1.jpg)
(https://www.gateeight.de/pub/72Gds6bCFvs4l8Hv/statistics1.jpg)


With manual NAT rule:

(https://www.gateeight.de/pub/72Gds6bCFvs4l8Hv/liveview2.jpg)
(https://www.gateeight.de/pub/72Gds6bCFvs4l8Hv/rules2.jpg)
(https://www.gateeight.de/pub/72Gds6bCFvs4l8Hv/statistics2.jpg)

Both cases actually do the correct NAT. But for debugging purposes, it would really be nice to see them in the FW live log.

Am I completely wrong here, did something change, is this behavior expected or indeed a bug/issue?

@Franco would you mind taking a quick look?

thank you  :)


Title: Re: No NAT states in FW->LiveView anymore
Post by: Monviech (Cedrik) on November 20, 2024, 11:23:31 AM
https://github.com/opnsense/src/issues/223
Title: Re: No NAT states in FW->LiveView anymore
Post by: stefan00 on November 20, 2024, 11:49:45 AM
 ::) I was looking only in opnsense/core for the issue

thank you :)
Title: Re: [solved] No NAT states in FW->LiveView anymore
Post by: Monviech (Cedrik) on November 20, 2024, 12:03:59 PM
Hehe, yeah, sometimes these issues can be spread across multiple different repositories. It is a bug in pf, so it's in src.

Thanks for spending all the time on your initial post with all the screenshots.  :)