Actions
Bug #2325
closed
Limiters don't work on OPT WAN rules w/rdr
Status:
Duplicate
Priority:
Normal
Assignee:
Category:
Traffic Shaper (Limiters)
Target version:
-
Start date:
03/29/2012
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
Description
Putting a limiter on an OPT WAN (any WAN that doesn't have the default gateway) breaks traffic through rdrs (at a minimum). The SYN gets passed, the SYN ACK is blocked out on the OPT WAN.
rdr on em2 7.14.90.63 (fake IP) port 52146 to an internal host, SYN gets passed, gets SYN ACK in a response, SYN ACK is blocked out on em2.
Mar 29 14:13:24 pf: 00:00:00.290027 rule 2/0(match): block out on em2: (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 52) Mar 29 14:13:24 pf: 7.14.90.63.52146 > 19.9.45.52.15053: Flags [S.], cksum 0xca38 (correct), seq 451818746, ack 2914211410, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
Updated by Ermal Luçi over 12 years ago
- Status changed from New to Feedback
This should be fixed by commit requiring that on floating rules you specify the gateway.
At least for 2.1
Updated by Chris Buechler almost 12 years ago
- Status changed from Feedback to New
- Target version changed from 2.1 to 2.2
issue unchanged in general for the specific circumstance in the original. Non-regression, postponing to 2.2.
Updated by Chris Buechler over 10 years ago
- Category changed from Operating System to Traffic Shaper (Limiters)
- Assignee set to Chris Buechler
needs review along with the other limiter tickets, there is overlap between them.
Updated by Chris Buechler over 10 years ago
- Target version changed from 2.2 to 2.3
- Affected Version changed from 2.0.x to All
Updated by Chris Buechler over 9 years ago
- Status changed from New to Duplicate
- Target version deleted (
2.3)
duplicate of #1848
Actions