Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Limiter blocks internet access (Squid transparent proxy)

    Scheduled Pinned Locked Moved Traffic Shaping
    73 Posts 34 Posters 36.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      doktornotor Banned
      last edited by

      Because it's broken. SIGDUH! If the devs knew what's broken where, they'd fix it.

      1 Reply Last reply Reply Quote 0
      • vallumV Offline
        vallum
        last edited by

        Thank You doktornotor,

        I want to restrict Bandwidth and At the same time URL filtering for LAN users .

        Manu

        1 Reply Last reply Reply Quote 0
        • D Offline
          doktornotor Banned
          last edited by

          Well then stick with 2.1.5 until fixed.

          1 Reply Last reply Reply Quote 0
          • S Offline
            Supermule Banned
            last edited by

            Just a thought…. in 2.2.x they introduced Unbound as the default resolver.

            Could it be related to that?

            If changing DNS forwarder to the former one also available in the GUI, will it work??

            1 Reply Last reply Reply Quote 0
            • D Offline
              doktornotor Banned
              last edited by

              Hmmm? Not really sure how's this related to unbound, or even any resolver at all? When I put limiters on a NAT firewall rule, the traffic stop flowing. As simple as that.

              1 Reply Last reply Reply Quote 0
              • G Offline
                gringo13
                last edited by

                I have same problem.
                Firstly i am sorry for my english.
                I install squid+transparent mode. Filter active and  everything works good.
                When i do limiter activate, then i cant internet access.

                In proxy server, disable transparent mode; then internet can access and works fine limiter. But filter doesnt works.
                What is problem and what can i do?
                Help pls.  Regard.

                1 Reply Last reply Reply Quote 0
                • D Offline
                  doktornotor Banned
                  last edited by

                  @gringo13:

                  What is problem

                  It is broken! Did you read the thread?

                  @gringo13:

                  and what can i do?

                  Ditch the proxy, or wait, or get debugging and coding.

                  1 Reply Last reply Reply Quote 0
                  • G Offline
                    gringo13
                    last edited by

                    @doktornotor:

                    @gringo13:

                    What is problem

                    It is broken! Did you read the thread?

                    @gringo13:

                    and what can i do?

                    Ditch the proxy, or wait, or get debugging and coding.

                    Problem is at the same time transparent mode and traffic shapper doesnt works.
                    If i disable limiter then no block internet. But i enable limiter block internet.
                    Or i disable transparent mode and enable limiter then works fine but doesnt work filter.

                    What do I need to work both at the same time?

                    1 Reply Last reply Reply Quote 0
                    • D Offline
                      doktornotor Banned
                      last edited by

                      @gringo13:

                      What do I need to work both at the same time?

                      Go re-read the previous reply a couple of times.

                      1 Reply Last reply Reply Quote 0
                      • R Offline
                        Riroxi
                        last edited by

                        This issue persists on 2.2.2? Oh Crap :(

                        1 Reply Last reply Reply Quote 0
                        • S Offline
                          Skegton
                          last edited by

                          I also noticed this yesterday. After limiters added to pass all rule and logging enabled, the rule blocks all traffic for that interface and fills up the System logs.

                          1 Reply Last reply Reply Quote 0
                          • D Offline
                            doktornotor Banned
                            last edited by

                            Your "fills up the System logs" non-issue has nothing to do with the topic here. When you log ALL passed traffic, then yeah, your logs are going to fill up, limiters or not.

                            1 Reply Last reply Reply Quote 0
                            • E Offline
                              eri--
                              last edited by

                              @doktornotor:

                              Hmmm? Not really sure how's this related to unbound, or even any resolver at all? When I put limiters on a NAT firewall rule, the traffic stop flowing. As simple as that.

                              This should be fixed in 2.2.3 snapshots.

                              1 Reply Last reply Reply Quote 0
                              • D Offline
                                doktornotor Banned
                                last edited by

                                Thanks, will test as soon as nanobsd becomes usable again…  :D

                                1 Reply Last reply Reply Quote 0
                                • cwagzC Offline
                                  cwagz
                                  last edited by

                                  @ermal:

                                  @doktornotor:

                                  Hmmm? Not really sure how's this related to unbound, or even any resolver at all? When I put limiters on a NAT firewall rule, the traffic stop flowing. As simple as that.

                                  This should be fixed in 2.2.3 snapshots.

                                  I am seeing this problem on 2.2.3-DEVELOPMENT (amd64) built on Fri Jun 19 14:25:29 CDT 2015 FreeBSD 10.1-RELEASE-p13.  No traffic with limiter and transparent proxy.

                                  Netgate 6100 MAX

                                  1 Reply Last reply Reply Quote 0
                                  • D Offline
                                    doktornotor Banned
                                    last edited by

                                    Yeah this is still broken. Don't use limiters on NAT.

                                    https://redmine.pfsense.org/issues/4596
                                    https://redmine.pfsense.org/issues/4590

                                    1 Reply Last reply Reply Quote 0
                                    • N Offline
                                      NABAMB
                                      last edited by

                                      Still not working on Pfsense 2.2.3 final release. I need both, limiter and  transparent squid proxy to work together for my scenario.

                                      Regards,

                                      Nabeel

                                      1 Reply Last reply Reply Quote 0
                                      • A Offline
                                        Alfanetindo
                                        last edited by

                                        I have been having this problem also. It's a BIG problem actually for me. Does anyone know if it's been fixed yet, and if not if it's been brought to the developers attention ?

                                        1 Reply Last reply Reply Quote 0
                                        • DerelictD Offline
                                          Derelict LAYER 8 Netgate
                                          last edited by

                                          Apparently the changes to fix this are significant so they have pushed it to 2.3.  I see they're planning a 2.2.5 first so you're looking at months (at least) before limiters are usable again. Use 2.1.5 and hope no significant vulnerabilities appear since they have stated they will not be patched.  Or evaluate other options, as I am.

                                          2.2 is, for the most part, useless if you rely on dummynet limiters.

                                          Chattanooga, Tennessee, USA
                                          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                                          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                                          Do Not Chat For Help! NO_WAN_EGRESS(TM)

                                          1 Reply Last reply Reply Quote 0
                                          • A Offline
                                            Abhishek
                                            last edited by

                                            @doktornotor:

                                            Well then stick with 2.1.5 until fixed.

                                            Can any1 share 2.1.5 v pfsense usb image ?

                                            2.3-RC (amd64)
                                            built on Mon Apr 04 17:09:32 CDT 2016
                                            FreeBSD 10.3-RELEASE
                                            Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz

                                            darkstat 3.1.2_1
                                            Lightsquid 3.0.3_1
                                            mailreport 3.0_1
                                            pfBlockerNG 2.0.9_1  
                                            RRD_Summary 1.3.1_2
                                            snort 3.2.9.1_9  
                                            squid 0.4.16_1  
                                            squidGuard 1.14_1
                                            syslog-ng 1.1.2_2

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.