Bug #786: UDP traffic blocked by a floating rule - pfSense - pfSense bugtracker

Actions

Bug #786

closed

UDP traffic blocked by a floating rule

Added by Sébastien GAGGINI over 13 years ago. Updated over 13 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

-

Category:

Rules / NAT

Target version:

Start date:

08/02/2010

Due date:

% Done:

0%

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

2.0

Affected Architecture:

Description

I have a problem that as far as I can see is a bug.
When I add a "pass" floating rule for UPD traffic on port 53 then all DNS traffic seems to be blocked.

On an Alix board with this nanobsd build "2.0-BETA4 built on Sun Aug 1 22:41:37 EDT 2010".
I reset the config to Factory defaults, then setup the WAN & LAN interface. At this point everything works fine, the WAN interface gets it's IP from my modem and I can do DNS request from the shell.
Then I add a floating rule with action = Action, protocol=Action and port=53.
After the filter reload I can't do a DNS lookup from the shell.

If I disable the rule everything works fine again.

Clean config attached.

Files

Download all files

config-pfSense.localdomain-20100802190220.xml (13.3 KB) config-pfSense.localdomain-20100802190220.xml		Sébastien GAGGINI, 08/02/2010 03:21 PM
rules.debug_ok (4.29 KB) rules.debug_ok		Sébastien GAGGINI, 08/03/2010 02:22 PM
rules.debug_ok (4.29 KB) rules.debug_ok		Sébastien GAGGINI, 08/03/2010 02:22 PM
rules.debug_ko (4.36 KB) rules.debug_ko		Sébastien GAGGINI, 08/03/2010 02:24 PM

Actions

#1

Updated by Chris Buechler over 13 years ago

Category set to Rules / NAT
Target version set to 2.0
Affected Version set to 2.0

Actions

#2

Updated by Ermal Luçi over 13 years ago

can you please post the contents of the file /tmp/rules.debug before and after the problem shows itself.

Actions

#3

Updated by Sébastien GAGGINI over 13 years ago

File rules.debug_ok rules.debug_ok added
File rules.debug_ok rules.debug_ok added

rules.debug_ok with the rule disabled and dns lookup working
rules.debug_ok withe the rule enabled and the dns lookup not working

Actions

#4

Updated by Sébastien GAGGINI over 13 years ago

File rules.debug_ko rules.debug_ko added

Sorry, pisted the same file twice. Here is rules.debug_ko with the rule enabled

Actions

#5

Updated by Chris Buechler over 13 years ago

Ermal: at your request from earlier, I can't duplicate this on 1.2.3.

Though I can't duplicate it on 2.0 either, adding that exact rule works as it should.

Actions

#6

Updated by Ermal Luçi over 13 years ago

I could reproduce this on a vm with 2.0 i have though i will update it again and post here.

Actions

#7

Updated by Ermal Luçi over 13 years ago

Status changed from New to Feedback

I cannot duplicate this anymore on latest snapshots too.

Actions

#8

Updated by Sébastien GAGGINI over 13 years ago

I updated to the last build and still have the bug.
( 2.0-BETA4 (i386) built on Tue Aug 31 07:03:18 EDT 2010 )

How can I help ?

Actions

#9

Updated by Chris Buechler over 13 years ago

Status changed from Feedback to Resolved

can't replicate

Actions

Also available in: Atom PDF