AdSchellevis
commented
9 years ago Just a quick question, did you apply after disabling? And if so, what does the ipfw ruleset look like (/usr/local/etc/ipfw.rules)?
Closed ghost closed 9 years ago
AdSchellevis
commented
9 years ago Just a quick question, did you apply after disabling? And if so, what does the ipfw ruleset look like (/usr/local/etc/ipfw.rules)?
ghost
commented
9 years ago Sure I applied the changes. The ruleset file is getting updated, but traffic is still passing through the (disabled) queues and pipes.
I verified by looking at Diagnostics -> Limiter Info and by entering
ipfw queue show
ipfw pipe show
AdSchellevis
commented
9 years ago can you check if it disabled the firewall rules which sends traffic to those pipes and queues? (ipfw show)
The script doesn't trash the queues and pipes on reload, but as long as there's no traffic directed to them that shouldn't be an issue.
ghost
commented
9 years ago The related firewall rules also remain active. I currently have 4 rules, 2 pipes and 2 queues, all the queues and pipes are disabled, changes were applied. Output of ipfw show:
60001 0 0 queue 10000 tcp from any to 192.168.254.250 via pppoe0
60002 21743 14068223 pipe 10001 udp from any to 179.43.155.2 dst-port 1194 out via pppoe0
60003 0 0 queue 10000 tcp from any to 192.168.254.251 via pppoe0
60004 19810 11712701 queue 10001 ip from any to any in via ovpnc1
AdSchellevis
commented
9 years ago Found it, when you disable all it doesn't seem to regenerate the rules. If you add one enabled pipe, without a connection to anything you can work around your issue. The real fix should be easy I guess, I will look into that.
fichtner
commented
9 years ago Merged into 15.7.15, nice catch!
OPNsense 15.7.14-amd64 Pipes and queues remain active after they have been disabled under Firewall -> Traffic Shaper. The changes are applied after a reboot, but this makes testing of new configurations very time consuming.