On Tue, Apr 18, 2017 at 8:02 PM, Steve Yates <[email protected]> wrote:
> I understand it's ideal to have limiters on the sending end. It's a long > story but I'm trying to set them on the receiving end of an rsync copy. > > I understand in 2.2-2.3 one should have them on the LAN interface. This > is on 2.3.3_1. > > In this scenario the remote server is x.x.x.x and the LAN computer is > 10.1.2.12:22, and we have a NAT rule forwarding port 2222 to 22. > > Firewall rule: > IPv4 TCP/UDP x.x.x.x * 10.1.2.12 22 (SSH) > Two limiters are set on in/out. > This firewall rule shows zero traffic in or out. No other firewall rules > show traffic from * to LAN. > > Diagnostics/States shows: > LAN tcp x.x.x.x:46098 -> 10.1.2.12:22 (and shows traffic) > > Is the rule+limiter not being applied because the port 2222 is NATted to > 22? Or because the NAT happens on the WAN side and the LAN rule isn't even > used? > > Thanks, > > Steve Yates > ITS, Inc. > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > Steve, Is this an ingress vs egress question? http://pfsensesetup.com/egress-filtering-with-pfsense/ That is if you are trying to limit something 'in' you would need to put the rule on the WAN side? _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
