4. Revisiting Bug #4326: Limiters on fw rules where NAT applies drop all traffic

Revisiting Bug #4326: Limiters on fw rules where NAT applies drop all traffic


  • I know that bug #4326 is marked fixed in pfSense 2.4.  My question is, for 2.2.x / 2.3.x systems still in production, can someone tell me the specific circumstances where this bug "bites" ?  I read through the redmine ticket but it's filled with 2 years of ambiguities and unconfirmed claims.  All I know is that some combo of limiters + NAT breaks stuff badly.

    I have a 2.2.6 firewall that I think might be hitting this bug, that's why I'm asking.  Thanks to anyone who can clarify.

    0
  • Rebel Alliance Developer Netgate

    Any time when a limiter acts on traffic that also performs NAT on the same interface and direction

    Things such as:

    • Port forward inbound on WAN + Limiter inbound on WAN
    • Limiter outbound on WAN (floating rule) + Outbound NAT
    • Limiter inbound on LAN + NAT redirect on LAN such as squid proxy transparent interception
    0

  • Thank you very much for that

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy