Project

General

Profile

Actions
Copy link

Bug #13148

closed

Traffic passed by Captive Portal cannot use limiter queues on other rules

Added by Steve Wheeler over 2 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Kristof Provost
Category:
Captive Portal
Target version:
2.7.0
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
23.01
Release Notes:
Default
Affected Version:
2.7.0
Affected Architecture:
All

Description

Traffic that has been passed by the captive portal on an interface will fail if it passed into a dummynet queue by other rules.

So for example if you have OUT rules on WAN that are using Limiters with queues defined.

pass out quick on em0 route-to (em0 172.21.16.1) inet proto tcp all flags S/SA keep state label "id:1652095021" label "gw:WAN_DHCP" label "USER_RULE: Allow all Limited OUT" dnqueue(1, 4) ridentifier 1652095021

It does not fail if the rules put traffic into pipes directly:

pass out quick on em0 route-to (em0 172.21.16.1) inet proto tcp all flags S/SA keep state label "id:1652095021" label "gw:WAN_DHCP" label "USER_RULE: Allow all Limited OUT" dnpipe(1, 2) ridentifier 1652095021

Traffic that has not passed the captive portal, such as from the firewall itself, passes as expected with pipes or queues.

Tested: 22.05.b.20220510.1811

Actions
Copy link

Also available in: Atom PDF