Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Not installing nat reflection rules. Maximum 1,000 reached.??

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      Gandalf
      last edited by

      Hi,

      When I have azureus running on my computer (more than 30 torrents are up), I can't use rsync+ssh, I usually backup my mails and my subversion repository to a remote computer using Rsync, but when azureus is open and I try to use it I get this error in the log:

      
      php: : Not installing nat reflection rules. Maximum 1,000 reached.
      
      

      and rsync quit with a time out, also I can see that the connection from remote_address:22 to local_address:random_port is blocked in the firewall logs,
      So how can I resolve this issue?

      Oh and BTW I have another question regarding 'nat reflection rules', I have websites on my server (same PC that is running azureus and rsync) and something doesn't fit, to be able to see my local websites in LAN I have to disable NAT reflection but in order to get rsync working I must enable it, So the only thing that I found working is to enable NAT reflection and in DNS forwarder add all the websites as hosts to the Server's ip, is this the right way to do it??

      I have pfsense "1.2-BETA-1-TESTING-SNAPSHOT-05-11-2007" installed.

      Thx

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        I would recommend using a proper split DNS infrastructure and don't use reflection. It's ugly any way it's done, but it's really ugly how we currently do it.  :)  A replacement is in the works for a future (post-1.2) release.

        1 Reply Last reply Reply Quote 0
        • G
          Gandalf
          last edited by

          @cmb:

          I would recommend using a proper split DNS infrastructure and don't use reflection. It's ugly any way it's done, but it's really ugly how we currently do it.  :)  A replacement is in the works for a future (post-1.2) release.

          But if I turn reflection off, then whatever I try rsync won't work, did I miss something??

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.