Upload traffic shaping broken when specifying gateway

[tkald]

When specifying gateway on lan fw "pass" rule, upload limiting on traffic shaper won't work.

Upload traffic wont reach the pipe:
ipfw show
...
60000 0 0 return ip from any to any
60001 0 0 pipe 10011 ip from 192.168.17.0/24 to any via lagg3
60002 5651 4944612 pipe 10010 ip from any to 192.168.17.0/24 via lagg3
65533 6851 5021433 allow ip from any to any
65534 0 0 deny ip from any to any
65535 342 23087 allow ip from any to any

...

When not explicitly setting gateway and using "default" gw, upload limit works:
ipfw show
...
60000 0 0 return ip from any to any
60001 3618 2630694 pipe 10011 ip from 192.168.17.0/24 to any via lagg3
60002 4202 4867142 pipe 10010 ip from any to 192.168.17.0/24 via lagg3
65533 8932 7567771 allow ip from any to any
65534 0 0 deny ip from any to any
65535 372 25087 allow ip from any to any

---

OPNsense 16.7.6-amd64

[fichtner]

Yup, working on a fix with FreeBSD... Basically what happens is that gateway settings skip the correct network stack processing, which causes multiple side-effects in combinations of pf(4) + ipfw(4), the former used for gateway routing, the latter for captive portal and traffic shaping.

[fichtner]

I've added a first freebsd review to make this happen, which doesn't actually make this happen but its a necessary step: https://reviews.freebsd.org/D8877

Since we work with FreeBSD we're not going to speed this to a release. Closing the issue in the hopes that the next few months will fix this. :)