I have migrated from a standalone PC running m0n0wall 1.231 to an ALIX 2.1 board (three NICs) running the newest 1.3b5.
I am using m0n0wall in front of our Cisco PIX in order to utilize its robust traffic shaping features, and it was working great with the previous hardware/software combination.
After manually duplicating my existing (standalone PC) configuration on the ALIX and putting the box into production, it doesn't seem to be exhibiting the same behavior as the previous version.
I am bridging WAN and OPT1. LAN is configured with a static IP but is not connected to anything. I have enabled filtering bridge and have added in any to any rules on both WAN and OPT1. I have added a few traffic shaping rules that apply to both WAN and OPT1 interfaces. I have not touched any NAT configuration or done much else in the way of making changes away from the defaults other than disabling the DHCP server and giving WAN a static (public) IP address.
I am able to pass traffic through the box with no issue, our connection to the outside world through the ALIX system remains intact. I am not, however, seeing any firewall states other than my own access to the web GUI through the WAN interface (I have allowed only certain IPs to access in this way), and I am 100% sure that large numbers of connections are being made through the box. If I disable traffic shaping, firewall entries begin appearing.
I have also verified that traffic shaping does not seem to be working when enabled, as I have added a small pipe and corresponding rules to shape traffic originating from my PC behind the m0n0wall and PIX and see no change in throughput.
Has anyone else experienced problems with 1.3b5 filtering bridge/traffic shaper perhaps specifically on the new ALIX hardware?