Netgate Discussion Forum

Firewall rules not working anymore after reboot (bandwidthd installed)

    Matts (last edited Jun 22, 2007, 11:07 AM)

    Hi,

    I had a very nicely running transparent firewall with 1.2BETA1 / snapshot 06-06-2007. It was running as it should, and I installed Bandwidthd to get some extra graphics, which was working fine.

    Because my system has 2 working CPUs and pfSense only saw 1 CPU, I rebooted the system yesterday, and when Bandwidthd was starting I saw a very short error, and I don't know what it is.

    What I was facing after this reboot was that DNS resolving to the outside world was not working anymore. HTTP from the outside was working well; just the inside could not reach any DNS server anymore that was behind the transparent firewall.

    Checking what was wrong, I saw that there were no firewall logs anymore; a reboot didn't fix it. I thought of updating the system with the latest build of 22 Jun, which actually is the stable Beta1 version of 30 April; this also didn't fix the problem, and still no FW logs.

    I can ping internal hosts, and on the pfSense I can ping external hosts, but only by IP. Firewall rules are the same.

    The bridge was working, so I enabled the firewalls on the local machines again and turned the firewall off on the pfSense box; it now works only as a bridge, which seems to be working very well.

    Because I can't see anything in my logs for firewalling, I can't figure out what this problem might be. Other logs are working fine and there is nothing to see, actually.

    I hope this is only a slight problem.

    Thanks,

    Matt

      Matts (last edited Jun 22, 2007, 8:29 PM)

      Hi,

      OK, the firewall for incoming traffic does work again after upgrading to the snapshot of 06-06-2007 again.

      The problem is that traffic from inside to outside is still not allowed with an any rule on the LAN interface.

      DNS resolving works, but no ping, mail or whatever from inside to outside; strangely, the webservers are working and actually serving HTTP pages.

      Nothing has been changed on the rules when it stopped working, just a reboot.

      I enabled the logging again and see logfiles (I needed some sleep), but still, no logs for that inside => outside issue.

        Matts (last edited Jun 23, 2007, 2:34 AM)

        Ok Solved,

        It seems that the IP address of the LAN side in a bridge really should be different from the WAN IP.

        But it needs to be in the same subnet or it will not work 100% well.

        I have the feeling that this IP on LAN can be used for another system because it does not exist in the ARP table on the router.

        But beware, this address needs to be different AND needs to be in the same subnet!!!

          cmb (last edited Jun 23, 2007, 4:12 AM)

          @Matts:

          Ok Solved,

          It seems that the IP address of the LAN side in a bridge really should be different from the WAN IP.

          But it needs to be in the same subnet or it will not work 100% well.

          I have the feeling that this IP on LAN can be used for another system because it does not exist in the ARP table on the router.

          But beware, this address needs to be different AND needs to be in the same subnet!!!

          Yeah I verified that's a bug. I opened a ticket.
          http://cvstrac.pfsense.org/tktview?tn=1352
