"Quote from: franco on February 02, 2018, 09:38:01 AMCH is my GeoIP alias, and it's empty, NAS contains the address I configured.
What does this return then?
# ls -lah /var/db/aliastables/
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#106
18.1 Legacy Series / Re: NAT, port aliases, redirect not working after upgrade
February 02, 2018, 09:52:15 AM
#107
18.1 Legacy Series / Re: NAT, port aliases, redirect not working after upgrade
February 02, 2018, 09:35:05 AMQuote from: franco on February 02, 2018, 09:34:34 AMSeems it's still empty :(
Sure, now check the table...
#108
18.1 Legacy Series / Re: NAT, port aliases, redirect not working after upgrade
February 02, 2018, 09:29:14 AMQuote from: franco on February 02, 2018, 09:13:53 AMThe command only returns 'OK'.
Okay, that's good and bad... Good in the sense it's not a fundamental firewall issue, bad because whatever prevents your system from fetching the aliases may prevent it from reaching out in the first place... Is that table populated when you run this from the console?
# configctl filter refresh_aliases
#109
18.1 Legacy Series / Re: NAT, port aliases, redirect not working after upgrade
February 02, 2018, 01:30:07 AMQuote from: franco on February 01, 2018, 11:51:13 PMGot it, my GeoIP alias falls under (a), the pfTable is empty and therefore there's nothing to compare to, since I'm using it as source nothing passes :)
Maybe we should separate "not working" into two categories:
(a) Firewall: Diagnostics: pfTables -- alias empty
(b) generally not working in NAT or firewall rule
Then also check (b) under Firewall: Diagnostics: pfInfo (Rules) whether these non-working rules actually see traffic
Thanks,
Franco
#110
18.1 Legacy Series / Re: NAT, port aliases, redirect not working after upgrade
February 01, 2018, 08:05:55 PM
With the fix, port aliases are working, but GeoIP alias (still) isn't.
#111
18.1 Legacy Series / Re: NAT, port aliases, redirect not working after upgrade
January 31, 2018, 03:49:22 PMQuote from: hirschferkel on January 31, 2018, 03:29:31 PMIs it possible that you configuered the old rules in the NAT > Port Forward menu? They should be editable there, they are only visible in the rules if you choosed "create new rule"
My forwarding rules are just > take all incoming connections on a range of ports to one destination and it's corresponding ports.
Host is defined as an Alias (but that's not the problem).
Port range is defined as another Alias.
But what I found is, that old imported rules can not be edited!
On the other hand I can edit a new rule, but this one will not be available with NAT port forwarding!
Something has gone quite wrong here...
At the moment it only works if I choose "pass" as an option, in a manual, single port forwarding. But I can't select new rules which are set to pass. I guess old rules loose their definition, as they can not be edited either. So in the end I cannot set a portrange to be passed... that's wired.
#112
18.1 Legacy Series / Re: NAT, port aliases, redirect not working after upgrade
January 31, 2018, 09:20:42 AM
Hello
I noticed GeoIP Alias isn't working after upgrading to 18.1_1 and tried applying the hotfix, sadly it didn't helped.
I then tried with source any, which seemed to help, but after some time I am unable to connect again (OpenVPN in this case).
Sadly I can't provide any logs at the moment, because I'm not at home and I don't have a working VPN ;).
Regards
I noticed GeoIP Alias isn't working after upgrading to 18.1_1 and tried applying the hotfix, sadly it didn't helped.
I then tried with source any, which seemed to help, but after some time I am unable to connect again (OpenVPN in this case).
Sadly I can't provide any logs at the moment, because I'm not at home and I don't have a working VPN ;).
Regards
