Netgate Discussion Forum

    Misunderstanding Floating rules

      Harvy66

      I have these floating rules that are having strange interactions with my port forwarding.

      Floating Order: Before
      RuleName: LowUDP
      Interfaces: WAN/LAN
      Proto: UDP
      Direction: Any
      Ports/IPs: Any/Any
      Queue: qLowUDP

      Floating Order: After
      RuleName: BitTorrent
      Interfaces: WAN/LAN
      Proto: TCP/UDP
      Direction: Any
      IPs: Any
      Ports: Any/52100
      Queue: qACK/qP2P

      WAN Firewall rule
      RuleName: BitTorrent
      Interfaces: WAN
      Proto: TCP/UDP
      IPs: Any/192.168.1.2
      Ports: Any/52100
      Queue: qACK/qP2P
      This one is port forwarded from the NAT.

      --------------------------------------------------

      Here's some PFTop queue information that seems a bit off

      WAN:
      qP2P     2976K hfsc   404K  412M  0  0  0 <-- notice lots of P2P traffic
      qLowUDP  5952K hfsc  20177   12M  0  0  0 <-- notice almost no LowUDP traffic

      LAN:
      qP2P     2976K hfsc   258K   75M  0  0  0 <-- Notice some P2P
      qLowUDP  5952K hfsc  69308   41M  0  0  0 <-- Notice nearly the same amount of LowUDP

      What I am not understanding is when I look at Wireshark, all of the UDP traffic is coming at me on port 52100. To me this means that some of my 52100 traffic is being sent to qP2P and some is being sent to qLowUDP.

      The only reason I can think of this happening is some of the connections are initiated by me (LAN) and some are initiated by someone else (WAN). What I was expecting is LowUDP to have 0 traffic.

      I have a similar setup with HTTP traffic, and it seems to work as expected. The main difference is I don't get connections coming in, it's always going out.

      P.S. I did simplify this a hair bit as I have two P2P applications using two different ports set up the same way and having the same issue.

        Harvy66

        I wonder if I should have asked this in the firewall forum. Bump?

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.