OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of MrBlack »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - MrBlack

Pages: [1]
1
24.7 Production Series / Re: Firewall Live View no longer tags Outbound NAT as rdr since 24.7.6
« on: October 11, 2024, 04:53:56 am »
I'm not sure if this is related to the recent commit for pflog: pass the action to pflog directly: https://github.com/opnsense/src/commit/18af3384cc5f0f02266d67674e860509828bf44a

I'm going to try to downgrade my kernel to 24.7.5 and see if NAT rdr highlighting returns.

EDIT: NAT traffic is still not tagged or highlighted gold after downgrading kernel to 24.7.5_4

2
24.7 Production Series / Firewall Live View no longer tags Outbound NAT as rdr since 24.7.6
« on: October 11, 2024, 04:09:28 am »
I did a quick upgrade to 24.7.6 in order to install some plugins. Upon looking at my Firewall Live View, I noticed a bunch of rule entries that were missing a description. After looking at the pattern of traffic I realized that they were the NAT redirection entries that were no longer highlighted gold, nor tagged as Automatic Outbound NAT traffic also breaking Action filters.


3
24.7 Production Series / 24.7.1 Traffic Shaper Not Matching on some NAT'ed traffic
« on: August 29, 2024, 11:13:11 pm »
opnsense 24.7.1
opnsense-kernel 24.7.1-pf4
Ryzen 7 2700 with an Intel i350-T4

Hello all, been using FQ-CoDeL on my WAN interface since 24.1 and all has been good. After upgrading to 24.7.1 and swapping my kernel to 24.7.1-pf4 for the recent ICMP patches, I began looking at my traffic shaper statistics and noticed that my traffic is no longer being shaped based on my LAN's source or destination addresses.

If I remove the source and destination address and set them to any, and only match on the source and destination port as well as the direction of the packet for separate queues and rules: I'm able to shape my traffic.

My hunch led me to believe that ipfw is no longer matching on my LAN addresses and using the NAT'ed WAN address. Upon remove the any value for the source and destination address fields; and adding the WAN address to the source and destination address fields of the outbound and inbound shaping rules, I'm once again able to shape my traffic.

I'm not sure what instituted this behavior but previous I didn't have issues when using the LAN addresses of my clients when shaping.

Has anyone else come across this issue?

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2