Siehst du das auch so? https://imgur.com/a/xkMvNWYLaut Ad haben die Regeln einfach keine Treffer, d.h. höchstwahrscheinlich nicht korrekt konfiguriert.GrüsseFranco
#======================================================================================# flush ruleset#======================================================================================flush#======================================================================================# define dummynet pipes#======================================================================================pipe 10000 config bw 10Mbit/s type wf2q+pipe 10001 config bw 12Mbit/s type wf2q+pipe 10002 config bw 63Mbit/s type wf2q+pipe 10003 config bw 20Mbit/s type wf2q+pipe 10004 config bw 2Mbit/s type wf2q+#======================================================================================# define dummynet queues#======================================================================================queue 10000 config pipe 10000 weight 3queue 10002 config pipe 10000 weight 9queue 10003 config pipe 10001 mask src-ip 0xffffffff weight 8 piequeue 10004 config pipe 10002 mask dst-ip 0xffffffff weight 8 piequeue 10005 config pipe 10001 weight 12 codel target 1 interval 3 noecnqueue 10006 config pipe 10002 weight 12 codel target 1 interval 3 noecn#======================================================================================# general purpose rules 1...1000#======================================================================================add 100 allow pfsync from any to anyadd 110 allow carp from any to any# layer 2: pass ARPadd 120 pass layer2 mac-type arp,rarp# OPNsense requires for WPAadd 130 pass layer2 mac-type 0x888e,0x88c7# PPP Over Ethernet Session Stage/Discovery Stageadd 140 pass layer2 mac-type 0x8863,0x8864# layer 2: block anything else non-IP(v4/v6)add 150 deny layer2 not mac-type ip,ipv6# allow traffic send from localhostadd 200 skipto 60000 ipv6 from ::1 to anyadd 201 skipto 60000 ipv4 from 127.0.0.0/8 to anyadd 202 skipto 60000 ipv6 from any to ::1add 203 skipto 60000 ipv4 from any to 127.0.0.0/8#======================================================================================# Allow traffic to this host#======================================================================================#======================================================================================# redirect non-authenticated clients to captive portal @ local port 8000 + zoneid#======================================================================================#======================================================================================# accept traffic from all interfaces not used by captive portal#======================================================================================# let the responses from the captive portal web server back outadd 6000 skipto 60000 tcp from any to any out# forward unauthorized traffic from captiveportal interfaces to block rule# send all the rest to the traffic shaper rulesadd 6199 skipto 60000 all from any to any#======================================================================================# 30000 .... 49999 reserved for captive portal accounting rules#======================================================================================#======================================================================================# traffic shaping section, authorized traffic#======================================================================================add 60000 return via anyadd 60001 queue 10000 ip from 192.168.25.80 to 192.168.27.152 src-port any dst-port any via ovpns2 // 50f651c5-430e-4b51-b112-59cac967d1f3 opt1: Q_UP-OpenVPN site-to-site 10Mbit-Nas_to_NASadd 60002 queue 10002 ip from any to any src-port any dst-port any via ovpns2 // 191571d9-6638-4bf7-a7b1-a14f078a0a26 opt1: Q_UP-OpenVPN site-to-site 10Mbit-anyadd 60003 queue 10005 tcp from 192.168.25.3 to 192.168.31.1 src-port 5060 dst-port 5060 out via igb1 // 2e0bc68d-652b-4577-bbf9-cfde513505f5 wan: Q_WAN-PipeUp-12Mbps-VOIPadd 60004 queue 10005 udp from 192.168.25.3 to 192.168.31.1 src-port 5060 dst-port 5060 out via igb1 // d566b5ac-c0f7-4e62-9c8b-a1c7de0186da wan: Q_WAN-PipeUp-12Mbps-VOIPadd 60005 queue 10005 udp from 192.168.25.3 to 192.168.31.1 src-port 7078-7109 dst-port 10000-11000 out via igb1 // aa43f31d-28c8-49b6-8c33-1fe2ef0629ed wan: Q_WAN-PipeUp-12Mbps-VOIPadd 60006 queue 10006 tcp from 192.168.31.1 to 192.168.25.3 src-port 5060 dst-port 5060 in via igb1 // c1c3c469-5978-4a2c-8b64-c3a0a2f6df38 wan: Q_WAN-PipeDown-63Mbps-VOIPadd 60007 queue 10006 udp from 192.168.31.1 to 192.168.25.3 src-port 5060 dst-port 5060 in via igb1 // 9f58a09b-7910-4a30-a3a9-0086f2301455 wan: Q_WAN-PipeDown-63Mbps-VOIPadd 60008 queue 10006 udp from 192.168.31.1 to 192.168.25.3 src-port 10000-11000 dst-port 7078-7109 in via igb1 // c608f365-02c0-46a1-8882-3cd43e361536 wan: Q_WAN-PipeDown-63Mbps-VOIPadd 60009 queue 10003 ip from 192.168.25.0/24 to any src-port any dst-port any via igb1 // dd7d88d5-3c75-4309-a2ab-baaf461c2365 wan: Q_WAN-PipeUp-12Mbpsadd 60010 queue 10004 ip from any to 192.168.25.0/24 src-port any dst-port any via igb1 // eb4c2079-afa9-4f44-86a6-60c81ada17e4 wan: Q_WAN-PipeDown-63Mbpsadd 60011 pipe 10003 ip from any to any src-port any dst-port any recv igb1 xmit igb2 // fc9b34e7-9260-4254-86c8-fab2e0dacd3b wan -> opt2: Transit-Freifunk-Downloadadd 60012 pipe 10004 ip from any to any src-port any dst-port any xmit igb1 recv igb2 // 3da54e19-e172-4ba1-8522-cc9c0b54d245 opt2 -> wan: Transit-Freifunk-Upload# pass authorizedadd 65533 pass ip from any to any# block all unmatchedadd 65534 deny all from any to any