Messages

The exact message when trying to apply the patch is: 'hunks' - 4 out of 5 hunks failed, see attached image.

It was at this point, it occurred to me that the patch might only apply to 23.7.3 & not 23.7.10_1..

Does this patch apply to '23.7.10_1-amd64' - I seem to be getting something like 4 out of 5 failed block messages.

[Original configuration 23.1.11]

***Quick Update***

Hope this helps someone who may be experiencing the same issue I was.

The issue I had with NAT seemed to present itself post 23.7 upgrade, in particular 'Port Forward'.

Original configuration 23.1.11:
Under NAT / Port Forward, I had a rule specific for DNS (port 53), redirected to a group, i.e. VPN DNS ip's. This group has the ip addresses added pertaining to the VPN's dns servers.

POST 23.7 upgrade, this rule failed & I stumbled across a fix by changing an attribute in the port forward rule.

Current configuration 23.7:
Under NAT / Port Forward, I've now used the specific VLAN interface my host is attached to (instead of the group I had previously) and it seems to work, i.e. my VP provider is showing 'no leaks'.

Strange thing is, under NAT / Outbound, the interface I have listed here is the same group mentioned above that does not work for port forward.

All good now....

Just notinced after 23.7 upgrade, all my firewall groups are not showing under 'Interfaces' section anymore. After tinkering with this for a bit, I noticed the groups will show IF only one member is selected.
When multiple members are selected, the interface disappears, but it still present in form under RULES section - this didn't happen in 23.1.11.

I've checked the '(no) GUI groups' option - it's not ticked, but doesn't matter anyway as it's no longer honouring this check mark.

It appears post 23.1.11 - 23.7 upgrade, all my port forward rules are no longer honoured.

NAT outbound rules seem fine & routing properly. DNS port forward rule doesn't seem to be using the gateway I selected and instead is using the default gateway.

If you've followed the  wireguard guide meticulously, create another rule without the "NO_WAN_EGRESS" tag for the pc's in question. This way, you'll have fallback to ISP without kill-switch for those PC's.

I have a similar setup utilising Sophos units.
Simply download the image, burn to USB. Insert USB into spare port on Sophos box - boot up.
(Make sure you have external monitor/kb plugged it to see the boot process).
Wait for boot menu and follow the bouncing ball - easy.

Hi all -

Having issues with the Shaper, in particular when using VLANs.
Under Firewall - Shaper - Rules I have a rule for one of my VLANS whereby I have selected WAN as the primary interface & (VLANx) as the secondary interface. I use this rule to catch traffic on this VLAN to give it certain priority - works well.

IF however, I setup an additional rule underneath this VLAN rule (next sequence number), and select WAN as the primary interface with nothing in the secondary - the two rules conflict and the shaper seems to share the bandwidth between the two rules. This rule is used as a 'catch all' for all other traffic - other than the VLAN in the previous rule.

The result is that the total throughput flow is reduced by a small margin.

To get around this, I deleted the vlan from Interface2 & used source/destination IP subnets that correspond to the VLAN - with this setup the rules/flows/traffic is spot on....


Any thoughts?