After update to 22.1, IPS blocks all incoming WAN traffic.

[iperryindigex]

We're running two OPNsense boxes on identical hardware in an HA configuration. I went to do our quarterly firmware update and updated each firewall from 21.7.7 to 21.7.8 to 22.1. I set the secondary gateway to persistent CARP maintenance mode, performed the updates, disabled persistent carp on the secondary, enabled it on the primary. After the upgrade to 22.1 on the primary, both firewalls appeared down from our remote. After coming in the next morning, we saw that no traffic was being blocked on the LAN side, but that IPS was blocking all incoming traffic on the WAN side. Disabling IPS fixed the issue.

I failed over to our secondary and upgraded our primary to 22.1.4, hoping it might have been a bug. Regardless of which is currently primary, if we enable IPS on one of the gateways, WAN fails on that gateway.