pfSense

I have a 25/10 DSL connection and for well over a year I've been able to setup queues successfully for regular internet traffic (qInternet), VoIP traffic (qVoIP), and other traffic such as LAN to OPT1 and OPT1 to LAN transfers as well as a Squid (0.4.36_2) Transparent Proxy (qOther).

The squid traffic was easily matched using a floating rule for any connection who's destination port was 3128. This has worked for both transparent and non-transparent configurations.

The problem I am seeing now is that traffic from the firewall/squid is not being matched to qOther. Instead it gets matched only with the default qInternet. LAN to OPT1 transfers enter qOther properly though. The problem seems to be related to traffic originating at the firewall.

To confirm, I placed a 1GB.zip file in /usr/local/www and then set a floating rule to match traffic connecting to this firewall itself on any port from any source IP/port for qOther.

Upon download, the packets still ended up in qInternet instead of the intended qOther.