Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Revisiting Bug #4326: Limiters on fw rules where NAT applies drop all traffic

    Scheduled Pinned Locked Moved Traffic Shaping
    3 Posts 2 Posters 768 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • luckman212L
      luckman212 LAYER 8
      last edited by

      I know that bug #4326 is marked fixed in pfSense 2.4.  My question is, for 2.2.x / 2.3.x systems still in production, can someone tell me the specific circumstances where this bug "bites" ?  I read through the redmine ticket but it's filled with 2 years of ambiguities and unconfirmed claims.  All I know is that some combo of limiters + NAT breaks stuff badly.

      I have a 2.2.6 firewall that I think might be hitting this bug, that's why I'm asking.  Thanks to anyone who can clarify.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Any time when a limiter acts on traffic that also performs NAT on the same interface and direction

        Things such as:

        • Port forward inbound on WAN + Limiter inbound on WAN
        • Limiter outbound on WAN (floating rule) + Outbound NAT
        • Limiter inbound on LAN + NAT redirect on LAN such as squid proxy transparent interception

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • luckman212L
          luckman212 LAYER 8
          last edited by

          Thank you very much for that

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.