Actions
Bug #12654
closed
Nat issue after 20211220 version
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
22.01
Release Notes:
Force Exclusion
Affected Version:
2.6.0
Affected Architecture:
amd64
Description
Upgrading to version 20211220+ results in loss of pfSense box internet connection if Outbound NAT Source "any" is used
see https://forum.netgate.com/topic/168768/nat-issue-after-20211220-version
Updated by Steve Wheeler over 2 years ago
This appears to affect any traffic using outbound NAT from an IP on the firewall itself. So, for example, localhost:
[22.01-BETA][admin@5100.stevew.lan]/root: nc -vz -s 127.0.0.1 208.123.73.73 80 nc: connect to 208.123.73.73 port 80 (tcp) failed: Operation timed out
With the default auto OBN rules it also applies to any internal IP.
With an additional 'any' source rule it applies to traffic from the WAN IP.
Updated by Steve Wheeler over 2 years ago
- Status changed from New to Feedback
- Target version set to 2.6.0
- Plus Target Version set to 22.01
- Affected Architecture amd64 added
This looks to have been an edge case caused by enabling RSS. Possibly a race condition.
RSS is now disabled in current snapshots and traffic NAT'd from IP addresses on the firewall is working as expected.
Updated by Viktor Gurov over 2 years ago
- Status changed from Feedback to Resolved
works as expected on 22.01.b.20220109.0600
Actions