[pfSense Support] [pfSense 2.0] Queue not available in rules editor
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, First of all, I'm a new pfSense user since Friday and really like it so far :-) Thanks to all developers and contributors. I'm playing a bit with the traffic shaper and noticed that if I edit a firewall rule, only "none" is available for "Ackqueue/Queue". In the rule summary, the queues are displayed (e.g. "qACK/qOthersLow"). Thus if I try to edit a rule generated by the traffic shaper wizard, the queues are lost. Am I doing something wrong? Should I report this bug? Version: 2.0-BETA4 (i386) built on Thu Nov 4 18:55:36 EDT 2010 System: Alix board Scheduler type for the queues: PRIQ Thank you. Cyril Jaquier -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzVkiUACgkQlYy8cEwUMaQ7agCgggvSJrh5JLmX9uYM6kE8wXfp CdUAn3ynGFQyYhX+ypIXPWeNVSnshZwy =m08T -END PGP SIGNATURE- - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] DNS problem if prioritized
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, I spent a few hours on Friday wondering why the DNS servers of my ISP didn't answer. Ping worked and the DNS servers worked as expected without using pfSense. I finally found the problem: In the traffic shaper wizard, if I select a higher priority for DNS (in the last page) then DNS queries (or answers) to my ISP's DNS servers don't work!? Google public DNS (8.8.8.8 and 8.8.4.4) works in this situation. Removing the floating rules for DNS in the firewall make my ISP's DNS servers work again. Did you already see a similar behavior? Version: 2.0-BETA4 (i386) built on Thu Nov 4 18:55:36 EDT 2010 System: Alix board Thank you. Regards, Cyril Jaquier -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzVlcYACgkQlYy8cEwUMaToDQCdH5pw8TN+9lBfr6dZgZM+kx/N wb0AnizBIv8Dh5b/aRThzgQiVXKAWkP4 =paeD -END PGP SIGNATURE- - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] [pfSense 2.0] Queue not available in rules editor
I noticed that a week or so ago and posted it in the forums with no response. I know it worked correctly 2-3 weeks ago. All the queues seem to get built, but nothing shows in the Queue view in the shaper or firewall rules. It also seems traffic only makes it to the default queue when you look at Queue Status. I also found an error in my system logs related to it. Look for my post in 2.0 Feedback called Traffic Shaper Broken IIRC. --Original Message-- From: Cyril Jaquier To: support@pfsense.com ReplyTo: support@pfsense.com Subject: [pfSense Support] [pfSense 2.0] Queue not available in rules editor Sent: Nov 6, 2010 1:36 PM -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, First of all, I'm a new pfSense user since Friday and really like it so far :-) Thanks to all developers and contributors. I'm playing a bit with the traffic shaper and noticed that if I edit a firewall rule, only "none" is available for "Ackqueue/Queue". In the rule summary, the queues are displayed (e.g. "qACK/qOthersLow"). Thus if I try to edit a rule generated by the traffic shaper wizard, the queues are lost. Am I doing something wrong? Should I report this bug? Version: 2.0-BETA4 (i386) built on Thu Nov 4 18:55:36 EDT 2010 System: Alix board Scheduler type for the queues: PRIQ Thank you. Cyril Jaquier -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzVkiUACgkQlYy8cEwUMaQ7agCgggvSJrh5JLmX9uYM6kE8wXfp CdUAn3ynGFQyYhX+ypIXPWeNVSnshZwy =m08T -END PGP SIGNATURE- - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- Kevin Tollison Sent from my Blackberry
Re: [pfSense Support] DNS issue
Alright. I got it. Thanks to all that responded. There were a couple of duplicate rules in the rules table from the automatically entered rules and from me deleting and re-adding, etc. I deleted all references to DNS from the NAT tables and the Rules tables and then re-created them all. They work fine. Thanks to all who responded. --Curtis > > On Nov 5, 2010, at 9:24 PM, Curtis Maurand wrote: > >> I have a DNS server behind a pfsense box. The dns forwarder is enabled >> (I've tried disabling it.) >> >> Without the forwarder, dns queries from behind the pfsense box don't >> resolve, not ever. >> With the forwarder dns queries resolve and the active directory works >> fine as the windows servers forward all their queries to the pfsense box >> and they are handled. >> >> My problem is that there is an unrelated dns server behind the pfsense >> machine that needs to answer to the outside world. I set up a virtual >> ip address (tried it all three ways) and set up a NAT rule to forward >> TCP/UDP on port 53 DNS to the server inside. TCP queries work, but UDP >> queries time out against the virtual address, but work fine on actual >> address. Have I run into something. >> >> WanIP forwarded to inside server works both tcp and udp. >> Virtual IP forwarded to inside server works tcp >> Virtual IP forwarded to inside server fails udp. >> >> Most dns queries are udp except for dnssec, dkim and spf. > > Corresponding firewall rules? my internal machine is running DNS as well, > and I allowed it to query the outside world, and works just fine > through my pfsense box. > > You could also tcpdump on the pflog0 interface and see what is going on > and what is getting blocked.. > >> >> Any ideas? >> >> I'm running a 1.2.3-RELEASE built nearly a year ago. >> >> Thanks, >> Curtis >> > > -- > /"\ Best regards,| re...@freebsd.org > \ / Remko Lodder | > Xhttp://www.evilcoder.org/| Quis custodiet ipsos custodes > / \ ASCII Ribbon Campaign| Against HTML Mail and News > > > > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
