I have been attempting to set up a UDP port forward so I can send the WOL
magic packet from an outside location to the broadcast address of a LAN
network behind a pfSense box. I haven't had any luck, though: the packet
reaches the WAN interface and is passed by the firewall rule on the WAN
set up to allow it, and that also shows that the packet has been NATed.
But no packet is sent out to the broadcast address of the LAN. I have
been trying to figure out if there is some firewall rule that is trying
to protect me from myself by blocking broadcast traffic, but nothing is
logged about that packet being blocked.

I have searched the listserv/forums/tickets/FAQ to the best of my ability
and haven't found anything related to this. Please let me know if this
is a known issue that I just couldn't find.

I have quite a few working TCP port forwards, no problems with those,
and the WOL from the firewall works fine.

My Configuration.

pfSense 1.0-RC1a-embedded (I know, old, but I can't upgrade easily, it's
at a remote location)
hardware FX5620
lan = "{ rl0 }"
wan = "{ rl1 }"

Nat

rdr on rl1 proto udp from any to 1.2.3.4 port { 40 } -> 192.168.208.255 port 40

Firewall rule

pass in log quick on $wan proto udp from { 4.5.6.7/28 } to { 192.168.208.255 } port = 40 keep state queue (qwandef, qwanacks) label "USER_RULE: NAT Wake On Lan Forward"

Firewall rule log

Sep 29 10:47:46 fertile pf: 505939 rule 235/0(match): pass in on rl1: (tos 0x0, ttl 52, id 38888, offset 0, flags [DF], proto: UDP (17), length: 130) 4.5.6.7.58894 > 192.168.208.255.40: UDP, length 102

TCPDUMP on WAN (tcpdump -i rl1 port 40)

listening on rl1, link-type EN10MB (Ethernet), capture size 96 bytes
10:49:07.851234 IP mail.example.org.58895 > wanip.example.com.40: UDP, length 102

TCPDUMP on LAN (tcpdump -i rl0 port 40)

listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
(Crickets Chirping, Arg, where be thee packet, arg)

Command used to send WOL packets

wakeonlan -i 1.2.3.4 -p 40 00:06:5B:C1:78:BA
Sending magic packet to 1.2.3.4:40 with 00:06:5B:C1:78:BA

Does anyone have any suggestions? The firewall was restarted. How can
I debug this?

Thanks
Josh
--
Lake Agassiz Regional Library - Moorhead MN larl.org
Josh Stompro | Office 218.233.3757 EXT-139
LARL Network Administrator | Mobile 701.371.3857
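
An added example, not part of the original post: a Python check that can run on a LAN host to confirm whether the forwarded datagram actually arrives on UDP port 40 and whether its payload is a well-formed magic packet for the MAC used in the wakeonlan command above. The function names are hypothetical; the port and MAC are taken from the post.

```python
import socket

SYNC = b"\xff" * 6  # a magic packet starts with six 0xFF bytes

def mac_bytes(mac: str) -> bytes:
    """Parse 'aa:bb:cc:dd:ee:ff' or 'aa-bb-cc-dd-ee-ff' into 6 raw bytes."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return raw

def build_magic(mac: str) -> bytes:
    """Sync stream plus the target MAC repeated 16 times: 102 bytes."""
    return SYNC + mac_bytes(mac) * 16

def find_magic(payload: bytes):
    """Return the MAC a payload would wake, or None if no magic sequence."""
    start = payload.find(SYNC)
    while start != -1:
        mac = payload[start + 6:start + 12]
        # The first copy of the MAC must be followed by 15 identical copies.
        if len(mac) == 6 and payload[start + 12:start + 102] == mac * 15:
            return mac.hex(":")
        start = payload.find(SYNC, start + 1)  # sequence may sit at any offset
    return None

def listen(port: int = 40, expect: str = "00:06:5B:C1:78:BA") -> None:
    """Run on a LAN host: report every datagram that reaches the port."""
    want = mac_bytes(expect).hex(":")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind(("", port))  # ports below 1024 need root on most systems
        while True:
            data, (src, sport) = s.recvfrom(2048)
            got = find_magic(data)
            note = "expected MAC" if got == want else f"unexpected ({got})"
            print(f"{src}:{sport} len={len(data)} {note}")

if __name__ == "__main__":
    listen()
```

The 102-byte result of `build_magic` matches the "UDP, length 102" in the log and tcpdump output above. A payload cut short, as with the 96-byte capture size shown in the tcpdump runs, fails the check, so pass it full datagrams.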