Port forwarding not working after upgraded to 1.2.2



  • I am using the pfSense embedded on ALIX hardware and port forwarding has been working fine for pfSense 1.2. After I upgraded to 1.2.2 (even tried 1.2.3-RC1), port forwarding stopped working. I setup pfSense to forward some ports to a Linux box, and I have tried setting iptables rules to see if any packets got forwarded. My setup is a simple one which has all the computers connected to a switch and then to ALIX. Here is a list of what I have tried/noticed:

    1. I have tried forwarding a single port and a range of ports. Either TCP or UDP, and tried both TCP/UDP.

    2. Even tried flashing the CF card and entering rules/NAT from scratch.

    3. I turned on the logging of firewall rules, and indeed those packets were accepted on pfSense. However, the counters of those Linux iptables rules did not change. I also tried setting up rules in the raw prerouting table, but seen no packets for those rules.

    4. If I change the state of the TCP rule to "synproxy state", the iptables rules did see some packets coming it. The TCP flags of these packets were ACK and RST.

    5. I once setup a TCP rule similar to the pfSense to look for S/SA, but saw no packets on the Linux box.

    6. UDP never got forwarded.

    7. No problem if I try to connect the ports from my LAN computers.

    8. ShieldsUp reported all forwarded ports as stealth (except synproxy state).

    I am puzzled because it was working perfectly on 1.2. Are there anything that I can try to solve this? Thanks.


Locked