As you don’t want to expose all private IP addresses on the public internet, Source Network Address Translation (SNAT) is required here. When configuring any firewall or perimeter device, one of the first steps is to make sure you can connect from your internal network to the internet or WAN for DNS, HTTPS traffic etc. When network traffic moves back and forth between an internal private IP address space (LAN) and a public IP address space (WAN), there needs to be some sort of network address translation (NAT) that occurs. This article helps you understand the types of NAT available and uses the example of exposing a Plex server on the public internet without the extra DNAT rules that are not needed. By knowing your environment, some basic theory, and what is and is not required, you can configure clean concise DNAT rules.

However, this does generate a lot of configuration that is not strictly required.

Sophos XG makes it easy to expose internal services to the public internet using the Server Access Assistant (DNAT) wizard.

If you’re communicating with a remote instance of pfsense then nmap is not a viable replacement however.

Understanding and Optimizing Sophos XG’s DNAT Rules

Honestly I’m not sure how much value the feature holds over nmap if hass is running on the same network as pfsense. Of course not all devices use dhcp so that would be a best effort basis. Looking for a dhcp entry with the matching mac address and seeing if that shows offline. I’ve also considered adding dhcp data to the mix. Essentially replacing the global timeout but specifically for the devices being ‘watched’. If within the next 60 second window the device has had no activity (with pfsense) it would appear as offline.
So let’s say the hypothetical new value is 300 seconds, during the 60 second cycle I would compare the expires value against the 20 minutes and if it expires in less than 15 minutes (20 minutes minus 300 seconds) I would clear the arp entry for that specific address. So every 60 seconds we check the arp table looking for entries. I have been thinking about introducing a sort of refresh timeout parameter that would clear the arp entry for specific devices after the given threshold.

For example, the default arp window is 20 minutes.

Integration: pfSense (documentation, issues)
First occurred: 11:44:50 (156 occurrences)

Error doing job: Task exception was never retrieved
File "/usr/src/homeassistant/homeassistant/helpers/update_coordinator.py", line 134, in _handle_refresh_interval
await self._async_refresh(log_failures=True, scheduled=True)
File "/usr/src/homeassistant/homeassistant/helpers/update_coordinator.py", line 265, in _async_refresh
File "/config/custom_components/pfsense/__init__.py", line 334, in process_entities
entities = self.process_entities_callback(self.hass, nfig_entry)
File "/config/custom_components/pfsense/device_tracker.py", line 39, in process_entities_callback
entry_mac = entry.get("mac-address").lower()
AttributeError: 'NoneType' object has no attribute 'lower'

Cool! Let me know how it goes.

Source: custom_components/pfsense/device_tracker.py:39

The amount of data available is super helpful. On a positive note, thanks for working on this integration.

No disabled entities being created in my case. It seems the device_tracker feature is failing, according to the logs generated.