Closed ghost closed 9 years ago
Just a quick question, did you apply after disabling? And if so, what does the ipfw ruleset look like (/usr/local/etc/ipfw.rules)?
Sure I applied the changes. The ruleset file is getting updated, but traffic is still passing through the (disabled) queues and pipes.
I verified by looking at Diagnostics -> Limiter Info and by entering
ipfw queue show
ipfw pipe show
can you check if it disabled the firewall rules which sends traffic to those pipes and queues? (ipfw show)
The script doesn't trash the queues and pipes on reload, but as long as there's no traffic directed to them that shouldn't be an issue.
The related firewall rules also remain active. I currently have 4 rules, 2 pipes and 2 queues, all the queues and pipes are disabled, changes were applied. Output of ipfw show
:
60001 0 0 queue 10000 tcp from any to 192.168.254.250 via pppoe0
60002 21743 14068223 pipe 10001 udp from any to 179.43.155.2 dst-port 1194 out via pppoe0
60003 0 0 queue 10000 tcp from any to 192.168.254.251 via pppoe0
60004 19810 11712701 queue 10001 ip from any to any in via ovpnc1
Found it, when you disable all it doesn't seem to regenerate the rules. If you add one enabled pipe, without a connection to anything you can work around your issue. The real fix should be easy I guess, I will look into that.
Merged into 15.7.15, nice catch!
OPNsense 15.7.14-amd64 Pipes and queues remain active after they have been disabled under Firewall -> Traffic Shaper. The changes are applied after a reboot, but this makes testing of new configurations very time consuming.