Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    WAN IN traffic not showing in LAN Traffic

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 713 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Abhishek
      last edited by 

      
2.2.6-RELEASE (amd64)
built on Mon Dec 21 14:50:08 CST 2015
FreeBSD 10.1-RELEASE-p25

      
Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
2 CPUs: 1 package(s) x 2 core(s)

      
State table size 	
1% (1406/196000)
Show states
MBUF Usage 	
8% (2124/26584) 

      State table size 	
1% (1406/196000)
Show states
MBUF Usage 	
8% (2124/26584)

      I am facing weird issuing , i am seeing WAN IN traffic in traffic graph but i am not seeing any LAN traffic

      Connection

      ISP Router ->  PFsense int0(wan)–---pfsense int1(LAN)---->Switch ---> PC's

      i am using Squid Dynamic Cache to cache windows update and AV updates for 30+ PC's

      
# refresh_pattern -i \.htm 120 50% 10080 reload-into-ims
# refresh_pattern -i \.html 120 50% 10080 reload-into-ims
# refresh_pattern ^http://*.facebook.com/* 720 100% 4320
#refresh_pattern ^http://mail.yahoo.com/.* 720 100% 4320
# refresh_pattern ^http://*.yahoo.*/.* 720 100% 4320
# refresh_pattern ^http://*.yimg.*/.* 720 100% 4320
# refresh_pattern ^http://*.gmail.*/.* 720 100% 4320
# refresh_pattern ^http://*.google.*/.* 720 100% 4320
# refresh_pattern ^http://*.kaskus.*/.* 720 100% 4320
# refresh_pattern ^http://*.googlesyndication.*/.* 720 100% 4320
# refresh_pattern ^http://*.plasa.*/.* 720 100% 4320
#refresh_pattern ^http://*.telkom.*/.* 720 100% 4320

# refresh_pattern imeem.*\.flv  0 0% 0     override-lastmod override-expire
# refresh_pattern \.rapidshare.*\/[0-9]*\/.*\/[^\/]*   161280    90%    161280 ignore-reload

#  refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?)    10800 80% 10800 ignore-no-cache  ignore-private override-expire override-lastmod reload-into-ims
# refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)    10800 80% 10800 ignore-no-cache  ignore-private override-expire override-lastmod reload-into-ims
# refresh_pattern -i (get_video\?|videoplayback\?id|videoplayback.*id||videodownload\?|\.flv?)       10800 80% 10800 ignore-no-cache  ignore-private override-expire override-lastmod reload-into-ims

# refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)    10800 80% 10800 reload-into-ims override-expire ignore-private
# refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\.      10800 80% 10800 reload-into-ims ignore-no-cache  ignore-reload override-expire
# refresh_pattern ^http:\/\/www.onemanga.com.*\/           10800 80% 10800 reload-into-ims ignore-no-cache  ignore-reload override-expire

# ANTI VIRUS
refresh_pattern guru.avg.com/.*\.(bin)                      10800 80% 10800 ignore-no-cache  ignore-reload  reload-into-ims
refresh_pattern (avgate|avira).*(idx|gz)$                           10800 80% 10800 ignore-no-cache  ignore-reload  reload-into-ims
refresh_pattern kaspersky.*\.avc$                                   10800 80% 10800 ignore-no-cache  ignore-reload  reload-into-ims
refresh_pattern kaspersky                                           10800 80% 10800 ignore-no-cache  ignore-reload  reload-into-ims
refresh_pattern update.nai.com/.*\.(gem|zip|mcs)                    10800 80% 10800 ignore-no-cache  ignore-reload  reload-into-ims
refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip)     10800 80% 10800 ignore-no-cache  ignore-reload  reload-into-ims

refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims

refresh_pattern windowsupdate.com/.*\.(cab|exe)             10800  80%  10800 ignore-no-cache  ignore-reload  reload-into-ims
refresh_pattern update.microsoft.com/.*\.(cab|exe)             10800  80%  10800 ignore-no-cache  ignore-reload  reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe)             10800  80%  10800 ignore-no-cache  ignore-reload  reload-into-ims

#images facebook
refresh_pattern ((facebook.com)|(85.131.151.39)).*\.(jpg|png|gif)      10800 80% 10800 ignore-reload  override-expire ignore-no-cache
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)                  10800 80% 10800 ignore-reload  override-expire ignore-no-cache
refresh_pattern  static\.ak\.fbcdn\.net*\.(jpg|gif|png)                  10800 80% 10800 ignore-reload  override-expire ignore-no-cache
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)      10800 80% 10800 ignore-reload  override-expire ignore-no-cache

#All File
refresh_pattern -i \.(3gp|7z|ace|asx|avi|bin|cab|dat|deb|divx|dvr-ms)      10800 80% 10800 ignore-no-cache  ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v))          10800 80% 10800 ignore-no-cache  ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)     10800 80% 10800 ignore-no-cache  ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rar|rm|r(a|p)m|snd|vob|wav) 10800 80% 10800 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(pp(s|t)|wax|wm(a|v)|wmx|wpl|zip|cb(r|z|t))     10800 80% 10800 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims

# refresh_pattern (cgi-bin|\?)       0      0%      0
# refresh_pattern ^gopher:    1440    0%    1440
# refresh_pattern ^ftp:         10080     95%     10800 override-lastmod reload-into-ims
#  refresh_pattern         .     180     95% 10800 override-lastmod reload-into-ims

      001.PNG
      001.PNG_thumb
      01.PNG
      01.PNG_thumb
      02.PNG
      02.PNG_thumb

      2.3-RC (amd64)
      built on Mon Apr 04 17:09:32 CDT 2016
      FreeBSD 10.3-RELEASE
      Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz

      darkstat 3.1.2_1
      Lightsquid 3.0.3_1
      mailreport 3.0_1
      pfBlockerNG 2.0.9_1  
      RRD_Summary 1.3.1_2
      snort 3.2.9.1_9  
      squid 0.4.16_1  
      squidGuard 1.14_1
      syslog-ng 1.1.2_2

      1 Reply Last reply Reply Quote 0
      • H
        Harvy66
        last edited by

        I don't understand the issue. You configured Squid to preemptively download files and you're wondering why you don't see any LAN traffic? Squid is the one downloading, it's not on your LAN.

        1 Reply Last reply Reply Quote 0
        • A
          Abhishek
          last edited by

          updated

          
#All File
refresh_pattern -i \.(3gp|7z|ace|asx|avi|bin|cab|dat|deb|divx|dvr-ms)      10800 80% 10800 ignore-no-cache  ignore-private override-expire override-lastmod reload-into-ims; range_offset_limit -1;
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v))          10800 80% 10800 ignore-no-cache  ignore-private override-expire override-lastmod reload-into-ims; range_offset_limit -1;
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)     10800 80% 10800 ignore-no-cache  ignore-private override-expire override-lastmod reload-into-ims; range_offset_limit -1;
refresh_pattern -i \.(mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rar|rm|r(a|p)m|snd|vob|wav) 10800 80% 10800 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims; range_offset_limit -1;
refresh_pattern -i \.(pp(s|t)|wax|wm(a|v)|wmx|wpl|zip|cb(r|z|t))     10800 80% 10800 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims

# Updates

refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 10800  80%  10800 ignore-no-cache  ignore-reload  reload-into-ims; range_offset_limit -1;
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 10800  80%  10800 ignore-no-cache  ignore-reload  reload-into-ims; range_offset_limit -1;
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 10800  80%  10800 ignore-no-cache  ignore-reload  reload-into-ims; range_offset_limit -1;

# AV updates

# refresh_pattern avast/.*\.(bin|vpx)                      10800 80% 10800 ignore-no-cache  ignore-reload  reload-into-ims; range_offset_limit -1;
range_offset_limit 0;
quick_abort_pct 70;

          2.3-RC (amd64)
          built on Mon Apr 04 17:09:32 CDT 2016
          FreeBSD 10.3-RELEASE
          Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz

          darkstat 3.1.2_1
          Lightsquid 3.0.3_1
          mailreport 3.0_1
          pfBlockerNG 2.0.9_1  
          RRD_Summary 1.3.1_2
          snort 3.2.9.1_9  
          squid 0.4.16_1  
          squidGuard 1.14_1
          syslog-ng 1.1.2_2

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.