Issues in packet flow
Hi,
I will try to explain my issue briefly.
I have an infrastructure with a pfSense on the edge acting as firewall and reverse proxy.
An application is accessible on the WAN address (A.A.A.A) on a specific port (ppp).
Firewall side: a floating rule allows access to A.A.A.A:ppp for some specific networks (the IPv4 network of my 4G provider).
HAProxy side: a frontend listens on A.A.A.A:ppp with an ACL matching the hostname of the application, and a backend sends it to the designated server.
This has worked fine for a few years.
Except that since Monday I've found a few (four for now) IPs in a /10 network of my provider presenting an issue.
For these few addresses I have the following issue:
Firewall side: traffic logged, PASS
HAProxy side: nothing. A few tests done show:
- killing the ACL on the HAProxy frontend changes nothing
- at the same time, other similar addresses work fine
- with the same source IP on another port, the packet is handled by HAProxy
- if I make a port forward rule to redirect the packet to localhost on another port and create the appropriate HAProxy frontend, the packet is not handed to HAProxy
So it seems that this specific source IP / destination port couple is not handed to the proxy.
My question is:
which process between the firewall and HAProxy can drop this packet? Since Monday I'm even dreaming of this issue; I've done more tests than written here (and even dreamed some more).
If someone can offer some help, for my mental health's sake... Thank you
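As an added example (not part of the original post), this Python script automates the comparison the tests above did by hand: it correlates pfSense filterlog PASS entries with HAProxy's access log by source IP and destination port and lists the couples the firewall passed but the proxy never logged. The log lines, interface name, frontend names and the frontend-to-port mapping are all constructed for the example.

```python
"""Correlate pfSense filterlog PASS entries with HAProxy access log lines and
report source IP / destination port couples pf passed but HAProxy never saw."""
import re
from collections import defaultdict
# Assumed (constructed) mapping of HAProxy frontend name to its listening port.
FRONTEND_PORTS = {"fe_app": 8443, "fe_web": 443}
# Constructed filterlog lines; CSV fields: ...,action,direction,ipver,...,proto,len,src,dst,sport,dport,...
FW_LOG = [
    "Oct 10 13:55:36 fw filterlog[61011]: 5,,,1000000103,igb0,match,pass,in,4,0x0,,57,12345,0,DF,6,tcp,60,203.0.113.5,198.51.100.10,51234,8443,0,S,1,,65535,,mss",
    "Oct 10 13:55:40 fw filterlog[61011]: 5,,,1000000103,igb0,match,pass,in,4,0x0,,57,12346,0,DF,6,tcp,60,203.0.113.77,198.51.100.10,40001,8443,0,S,1,,65535,,mss",
    "Oct 10 13:55:41 fw filterlog[61011]: 5,,,1000000103,igb0,match,pass,in,4,0x0,,57,12347,0,DF,6,tcp,60,203.0.113.77,198.51.100.10,40002,8443,0,S,1,,65535,,mss",
    "Oct 10 13:55:42 fw filterlog[61011]: 6,,,1000000104,igb0,match,pass,in,4,0x0,,57,12348,0,DF,6,tcp,60,203.0.113.77,198.51.100.10,40003,443,0,S,1,,65535,,mss",
    "Oct 10 13:55:43 fw filterlog[61011]: 9,,,1000000001,igb0,match,block,in,4,0x0,,57,12349,0,DF,6,tcp,60,192.0.2.9,198.51.100.10,5555,8443,0,S,1,,65535,,mss",
]
# Constructed HAProxy HTTP log lines; a TLS frontend is logged with a '~' suffix.
PROXY_LOG = [
    'Oct 10 13:55:36 fw haproxy[2048]: 203.0.113.5:51234 [10/Oct/2023:13:55:36.123] fe_app~ be_app/srv1 0/0/1/12/13 200 1024 - - ---- 1/1/0/0/0 0/0 "GET /login HTTP/1.1"',
    'Oct 10 13:55:42 fw haproxy[2048]: 203.0.113.77:40003 [10/Oct/2023:13:55:42.456] fe_web~ be_web/srv2 0/0/1/9/10 200 512 - - ---- 1/1/0/0/0 0/0 "GET / HTTP/1.1"',
]

def parse_filterlog(line):
    """(srcip, dstport) for an IPv4 TCP/UDP entry with action 'pass', else None."""
    m = re.search(r"filterlog\[\d+\]: (.*)$", line)
    if not m:
        return None
    f = m.group(1).split(",")
    if len(f) < 22 or f[6] != "pass" or f[8] != "4" or f[16] not in ("tcp", "udp"):
        return None
    return f[18], int(f[21])

def parse_haproxy(line):
    """(clientip, frontend port) for an HAProxy HTTP log entry, else None."""
    m = re.search(r"haproxy\[\d+\]: (\S+):\d+ \[[^\]]+\] (\S+)", line)
    if not m:
        return None
    port = FRONTEND_PORTS.get(m.group(2).rstrip("~"))
    return (m.group(1), port) if port else None

def find_unseen(fw_lines, proxy_lines):
    """Couples pf passed (with hit counts) that never appear in HAProxy's log."""
    passed = defaultdict(int)
    for line in fw_lines:
        key = parse_filterlog(line)
        if key:
            passed[key] += 1
    seen = {parse_haproxy(line) for line in proxy_lines} - {None}
    return {k: n for k, n in passed.items() if k not in seen}
```

On the sample data the only unseen couple is 203.0.113.77 towards port 8443, while the same source on port 443 is matched, mirroring the "same source IP on another port works" observation.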