Trying to understand the firewall rules
-
I have another capture but the file is too large to attach. I get an error from your system.
-
Can you upload it somewhere else and post a link? How big is it? Forum size limit is ~5 MB per file, ~10 MB per post. For these purposes it might be just as useful to change the packet length being captured to 64 bytes, and end up with a much smaller capture as a result.
-
It is 8.56 MB file. I will look into changing packet length to 64 bytes.
Who is free for file storage now days? So I can post a link.
-
OK I have run it with 64 byte packets.
[packetcapture (2).zip](/public/imported_attachments/1/packetcapture (2).zip)
-
I am seeing the same issue with 2.3.1 which I loaded tonight. I will be out of town for a few days but I will be back and can help. Hulu still freezes and replays after Ads.
-
Any idea when my problem is going to be fixed? My wife is getting tired of Hulu replaying.
-
I just loaded 2.3.1_1 and I still have a problem which seems the same. Hulu streams and freezes. Any ideas? I can run more packet captures if it would help.
-
Out of the box, PFSense doesn't attempt to block or mess with anything, other than new incoming connections on the WAN. Have you made sure it is PFSense doing it? Have you tried to by-pass PFSense and connect directly and see if the problem persists?
-
The only thing that seems a bit odd in that trace is this connection. But is that have anything to do with hulu? Its some company called doubleverify
NetRange: 204.154.110.0 - 204.154.111.255
CIDR: 204.154.110.0/23
NetName: DOUBLEVERIFY-INCSince its in https its hard to be sure - but its odd that your client sends Fin,ACK and then 2 RSTs for this connection. You would normally see fin, then fin,ack from the other side that says sure Im done with this conversation as well. Not sure what the details are with the unknown and encrypted alert.
Without doing MITM on the connections that are https its sometimes quite difficult to trouble shoot what is going on, because you can not really see the meat of the conversation.
-
That is indeed the only atypical thing in the capture. The TV abandoned that connection for some reason, that was the TV's doing. I doubt given how the traffic otherwise looks in general that's related to the issue, but it could be.
Otherwise the capture is 100% perfect - no packet loss, no connection attempts that failed, no DNS lookups that failed, etc. Very clear from that it's not network or ISP or firewall-induced. It's either the TV, or Hulu.
Any idea when my problem is going to be fixed?
Well it's definitely not in anything we control, so no.