OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: NilsS on October 26, 2017, 10:46:41 am

Title: Docs about Disable force gateway
Post by: NilsS on October 26, 2017, 10:46:41 am
Are there any threads or issues to look into for information about
Firewall -> Settings -> Advanced: Disable force gateway ?
Disable automatic rules which force local services to use the assigned interface gateway.

can this resolve the problems using tcp_outgoing_address with squid?

Title: Re: Docs about Disable force gateway
Post by: franco on October 26, 2017, 08:13:19 pm
Hi Nils,

There is no documentation about this yet. The "non-disable" was always the default. We initially tried to change that for 17.7 but some multi-wan setups rely on this tweak so we've had to tiptoe around it with this setting.

The system is a bit flawed as we've recently discovered that it will take any gateway set as gateway for that interface as the forced gateway, which goes a bit against one being able to select a specific gateway in the interface configuration.

We are unsure how to proceed with this oddity.

On the original point, docs are coming to open source land when the stock photograph images have been fixed in terms of licensing and then we'd have a larger round of updates for base functionality that has suffered in terms of documentation somewhere around the release of 18.1.

And, yes, it is a likely candidate to solve local services from being able load-balance properly. But we need more time to test and integrate it to accommodate for old and new ways of using the system.