OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: guest15389 on February 14, 2018, 11:06:47 pm
-
I was trying to make sure I understood what I was seeing.
My basic setup is a firewall and I have a TorGuard VPN setup.
I have a firewall rule that routes a specific IP through my TorGuard OpenVPN setup.
My source IP for the traffic is 192.168.1.31 and I can see majority of my traffic is hitting the VPN (I think). I see some other connections that seem to be going out directly to someone else.
I can't figure it out if that's normal or something that isn't routing through the GW I have setup.
root@plex:~# netstat -an | grep EST | grep 192.168.1.31
tcp 0 0 192.168.1.31:38150 XX.211.163.33:61092 ESTABLISHED
tcp 0 0 192.168.1.31:57929 XX.165.138.209:52863 ESTABLISHED
tcp 0 21386 192.168.1.31:49234 10.37.0.82:54318 ESTABLISHED
tcp 0 0 192.168.1.31:49234 10.37.0.82:56584 ESTABLISHED
tcp 0 0 192.168.1.31:49234 10.37.0.82:2930 ESTABLISHED
tcp 0 57552 192.168.1.31:57526 XX.224.142.120:27811 ESTABLISHED
tcp 0 0 192.168.1.31:49234 10.37.0.82:5227 ESTABLISHED
tcp 0 0 192.168.1.31:49234 10.37.0.82:45454 ESTABLISHED
tcp 0 0 192.168.1.31:58362 XX.32.133.242:8999 ESTABLISHED
tcp 0 202506 192.168.1.31:39047 XX.49.118.22:51413 ESTABLISHED
tcp 0 97477 192.168.1.31:49234 10.37.0.82:49811 ESTABLISHED
So those "XX" connections I think are routing not over the TorGuard VPN but directly out. I have my rule logging on and I see it is matching the right rule. I can also see tons of traffic over the VPN connection so it seems.
My use case is to VPN all my torrent traffic and such via the VPN and any other traffic I want to drop into the rule.