Bug #13045: Firewall floating rules ignore WireGuard traffic - pfSense Packages - pfSense bugtracker

Actions

Copy link

Bug #13045

open

Firewall floating rules ignore WireGuard traffic

Added by Adam Goldberg over 2 years ago. Updated about 2 years ago.

Status:

New

Priority:

Normal

Assignee:

Category:

WireGuard

Target version:

Start date:

Due date:

% Done:

Estimated time:

Plus Target Version:

Affected Version:

Affected Plus Version:

Affected Architecture:

Description

When adding a floating rule to apply a limiter targeting traffic on a WireGuard interface, the rule is ignored.

Add a new rule:

Action: pass
Interface: WG0
Direction: out
Gateway: WG0_GW
In/Out Pipe: WGDownQ / WGUpQ

Counters show 0 / 0 for states and traffic regardless of rule order, direction, or gateway specified.

Additionally, if a rule is added on a WAN interface targeting the IP of a remote wireguard peer, the rule is ignored only when a WireGuard peer is active for that same IP.

Action: pass
Interface: WAN
Direction: out
Source (or Destination): address x.x.x.x
Gateway: WAN_GW
In/Out Pipe: WANDownQ / WANUpQ

Counters show 0 / 0 for states and traffic regardless of rule order, direction, or gateway specified.

Files

clipboard-202210041103-kkxlg.png (91.5 KB) clipboard-202210041103-kkxlg.png

→ luckman212, 10/04/2022 10:03 AM

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Packages

Custom queries

Bug #13045

Firewall floating rules ignore WireGuard traffic

Updated by → luckman212 about 2 years ago

Updated by → luckman212 about 2 years ago

Updated by → luckman212 about 2 years ago