Messages

[pflog: pass the action to pflog directly]

I'm not sure if this is related to the recent commit for pflog: pass the action to pflog directly: https://github.com/opnsense/src/commit/18af3384cc5f0f02266d67674e860509828bf44a

I'm going to try to downgrade my kernel to 24.7.5 and see if NAT rdr highlighting returns.

EDIT: NAT traffic is still not tagged or highlighted gold after downgrading kernel to 24.7.5_4

I did a quick upgrade to 24.7.6 in order to install some plugins. Upon looking at my Firewall Live View, I noticed a bunch of rule entries that were missing a description. After looking at the pattern of traffic I realized that they were the NAT redirection entries that were no longer highlighted gold, nor tagged as Automatic Outbound NAT traffic also breaking Action filters.

opnsense 24.7.1
opnsense-kernel 24.7.1-pf4
Ryzen 7 2700 with an Intel i350-T4

Hello all, been using FQ-CoDeL on my WAN interface since 24.1 and all has been good. After upgrading to 24.7.1 and swapping my kernel to 24.7.1-pf4 for the recent ICMP patches, I began looking at my traffic shaper statistics and noticed that my traffic is no longer being shaped based on my LAN's source or destination addresses.

If I remove the source and destination address and set them to any, and only match on the source and destination port as well as the direction of the packet for separate queues and rules: I'm able to shape my traffic.

My hunch led me to believe that ipfw is no longer matching on my LAN addresses and using the NAT'ed WAN address. Upon remove the any value for the source and destination address fields; and adding the WAN address to the source and destination address fields of the outbound and inbound shaping rules, I'm once again able to shape my traffic.

I'm not sure what instituted this behavior but previous I didn't have issues when using the LAN addresses of my clients when shaping.

Has anyone else come across this issue?