Traffic shaper changes [90% completed, please send money to complete bounty]
-
hello ermal , oh i see. I just want to make sure if what i did is correct. this is what i have in line 2170. so i have to delete this 4 lines?
let out anything from the firewall host itself and decrypted IPsec traffic
pass out on $lan proto icmp keep state label "let out anything from firewall host itself"
pass out on $wan proto icmp keep state label "let out anything from firewall host itself"
pass out on $wanif all keep state label "let out anything from firewall host itself"and add this 3 lines ?
let out anything from the firewall host itself and decrypted IPsec traffic
pass out on {$oc['if']} proto icmp keep state label "let out anything from firewall host itself"
pass out on {$oc['if']} all keep state label "let out anything from firewall host itself"is this correct?
Chris
-
Just replace the file in /etc/inc/filter.inc with the content from this LINK and you should be ok.
Otherwise you just need to delete this 2 lines:
pass quick on {$oc['if']} proto icmp keep state label "let out anything from firewall host itself"
pass quick on {$oc['if']} all keep state label "let out anything from firewall host itself"and make them
pass out on {$oc['if']} proto icmp keep state label "let out anything from firewall host itself"
pass out on {$oc['if']} all keep state label "let out anything from firewall host itself"Whichever your prefer.
Ermal
-
i'm a newbie and want to know where and how can i contribute to get a copy to test 1.3 … many thanks thanks
-
You want access to the new shaper on 1.2 or have you replied on the wrong thread?
-
i want access to the new shaper .. thanks
-
Well you can send the offerings at ermal.luci@gmail.com and i will give you the link to the new shaper.
-
ermal, would the new traffic shaper allow you to distribute evenly bandwidth to the active workstations. example i have 2mb bandwidth. first workstation 1 download a file so it gets the 2mb. after minute workstation 2 start download another file so workstation 1 gets 1mb and workstation 2 gets 1mb. is this possible with the new traffic shaper?
chris
-
yes, just use CBQ discipline and it will setup you up for that.
-
Hello ermal. I have send you a private message about the traffic shaper
Chris
-
Hello Ermal, I've made myccontribution but have not gotten any links to the new shaper,kindly advise. Thanks.
-
Check you mail i sent the reply with instructions.
Sorry but my connection has been spooky and am replying from another location right now.
Ermal
-
ermal, i have notice that sticky connection was missing. is this a bug?
chris
-
Will check it before making available the other image.
-
ok thanks ermal! and load balance does not work :(
-
What do you mean by load balance does not work?!
-
ermal, I have tried to enable the load balance but only the WAN1 will get all the load but it works well in 1.2 official release. is this also a bug? or just missing something?
chris
-
Can you please send me your rules.debug privately.
-
Hello ermal, pm sent :)
chris
-
Hello ermal,
i got this error. :( think this is the load balancer error. any ideas?
Jul 11 01:52:21 php: : New alert found: There were error(s) loading the rules: /tmp/rules.debug:146: syntax error pfctl: Syntax error in config file: pf rules not loaded The line in question reads [146]: pass in quick on $lan route-to { ( xl0 192.168.3.1 ) } from 192.168.0.0/24 to /32 keep state label "USER_RULE: Make sure DMZ 2 traffic goes to WAN2 DMZ"
Jul 11 01:52:21 php: : There were error(s) loading the rules: /tmp/rules.debug:146: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [146]: pass in quick on $lan route-to { ( xl0 192.168.3.1 ) } from 192.168.0.0/24 to /32 keep state label "USER_RULE: Make sure DMZ 2 traffic goes to WAN2 DMZ"chris
-
ermal, problem solve :) just change my ip /32 to /24