Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Floating Rule - What is states calculating?

    Traffic Shaping
    2
    6
    303
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Animosity022 last edited by

      What is the states calculating/counting in the Floating Rules area?

      I see what looks like traffic numbers but it doesn't seem right as they are very low.

      https://imgur.com/a/UOxaXT2

      1 Reply Last reply Reply Quote 0
      • S
        SteveITS last edited by

        I was just going to ask that also. I reran the wizard, and while Status/Queues shows VoIP traffic during a call, around 100 Kbps, but the states field on the rule shows Bytes of 400 B down and 700 B up (7.832 K evaluations) when I'm done with the call, after several seconds of talking.

        I started looking because a client's router logged a grand total of 64 B of inbound traffic per that rule in the last few weeks.

        1 Reply Last reply Reply Quote 0
        • S
          SteveITS last edited by SteveITS

          I deep dove into shaping yesterday and reran the wizard at a few locations last night, which presumately would have reset the counters. Here's one with a screen cap of the (only) two VoIP rules showing zero bytes:
          6ca094ad-e6e9-4be9-a859-004844ba0b79-image.png
          Yet the queue currently has some traffic, with Borrows, indicating more traffic, and I know they've had calls today:
          c4c2da09-8f20-4196-89c1-0061f6ba6a8b-image.png

          1 Reply Last reply Reply Quote 0
          • S
            SteveITS last edited by

            Still an issue (open question?) in 2.4.5.

            Floating rule marking it low priority:
            b6bbc9bb-45c0-4f28-86c2-936a480ae7ce-image.png
            Firewall rule allowing the NAT:
            409d30d5-07a4-4829-909f-d11ded7e6013-image.png

            S 1 Reply Last reply Reply Quote 0
            • S
              SteveITS @SteveITS last edited by

              Still an issue (open question?) in 21.02

              S 1 Reply Last reply Reply Quote 0
              • S
                SteveITS @SteveITS last edited by

                I was trying to deprioritize a specific download (IP) tonight and having trouble. I found if I view Diagnostics/States the states are shown with the server IP (behind pfSense) as the destination (on both WAN and LAN). If I set the floating rule to use the IP as the destination, it puts the traffic in the qOthersLow queue. So I suspect the state bytes count is the count of the inbound URL request (several dozen bytes), and not the amount of the traffic actually going into the queue (multiple GB of download).

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy