Port forwarding has not worked for two days ... has the firewall been changed?

The problem I have here is that I can no longer wake up my server from outside the network. This has worked fine for several years. Not for two days. The WoW package is suddenly dropped? Why?
I urgently need help so that I can wake up the computer again.
Thanks in advance

EDIT: I used as an example this llink

BUT: My interface looks completely different to this example…
Are there new changes to the Firewall/GUI?

Core update you’re running on? current is 152. Can you provide a screenshot of home?

Wake on Lan uses the mac address, it does not care if you’re within your network. I can wake up my server by sending a magic packet to the server.

Running Core 152 and yes, it doesn’t care… until yesterday…
Within my LAN its still working, but the Firewall doesnt forward the WOL-Broadcast anymore… and i dont know why…
I think i will wipe the whole Fire and reinstall it again…
This “firewall rule system” is weird… :crazy_face:


your description sounds like you are bumping into this bug.

It is fixed in the upcoming Core Update 153, of which a testing version is already available.
Unless some serious bugs or regressions show up, I expect Core Update 153 to be released before Christmas.

Long story short: You could either install Core Update 153 testing (please see here how to do this)
or wait until Core Update 153 is released, which will most probably fix your problem.

I think i will wipe the whole Fire and reinstall it again…

If I understood your problem right, there is no need to do so.

This software is weird… :crazy_face:

Agreed, this bug is really nasty, especially to newcomers. I hope you will manage to get it working, anyway.
If not, there is a wiki and this forum available to answer questions. :slight_smile:

Thanks, and best regards,
Peter Müller

Thanks for the hint, Peter :+1:
Then… i will wait cause i hate it to reinstall the Firewall and all my stuff since 2010… thats like a terror :rofl:
By the way: I can edit the rules and all settings are there, but the fire doesn’t react to changes.
The strange thing is, i didnt change the rule, but changed the NIC on my Plex-Server which i normaly wake up from outside my LAN. But this “not changed rule” is not working anymore…
Is there a way to change the firewall-rules on the console and not over the GUI?


If you changed the nic, have you checked that it is enabled for wake on lan. Not all nics do that by default. On my desktop I have a nic that I have to set the wake on lan to be on at every boot otherwise by default it will not be enabled.

I can’t remember the details of the command to check this but I think it is ethtool and if g is set then it is enabled for wake on lan. Without the g it is disabled.

1 Like

I use Arch Linux on my servers, desktop etc. The following is from their wake on lan information with regards to nics.

Enable WoL on the network adapter

Depending on the hardware, the network driver 
may have WoL switched off by default.

To query this status or to change the settings, 
install ethtool, determine the name of 
the network interface, and query it using the 

# ethtool interface | grep Wake-onSupports 
Wake-on: pumbag Wake-on: d

The Wake-on values define what activity 
triggers wake up: d (disabled), p (PHY 
activity), u (unicast activity), m (multicast 
activity), b (broadcast activity), a (ARP activity), 
and g (magic packet activity). The value g is 
required for WoL to work, if not, the following 
command enables the WoL feature in the 

# ethtool -s interface wol g 

Note: Setting one of u, m or b along 
with g might also be necessary to enable the 

This command might not last beyond the next 
reboot and in this case must be repeated via 
some mechanism.

If this is your problem then you will need to add the command to start the wake on lan into a start up script on your Plex Server.

Hopefully this will be of help.

1 Like

FYI - I updated the wiki page with current info.

Hi Jon and thanks for this information - now it looks like my interface :smile: :+1:
My config is exactly the same (and was working for many years).
As Peter mentioned, its maybe a bug in the firewall-rule-config. Lets see if Core 153 can fix it.

FYI: Did some additional tests with new firewall-rules and guess what? NOTHING is working now! What the heck???
Whats up with the Fire? I did not change/update anything and now i cant implement new rules to the firewall… thats “really” bad guys! I hope, Core 153 will fix this! I need some new rules!

Regarding the non functioning rules web interface look at this thread

I know this thread but this is not my problem…
I tried to implement rules directly over the console without GUI and its also not working.
So its not only the GUI…


would you please post additional information and screenshots telling us

  • what you precisely did
  • how the output looks like and
  • in which way the output differs from your expectation.

Just saying “nothing works” is not how support works here - it neither helps you nor us, since there is no way of telling what went wrong.

Thanks, and best regards,
Peter Müller

…this could take a little bit longer…
The reason why i opened this thread was, that my existing firewall rule for Wake on WAN was not working anymore - without any changes.
I checked the logs and saw, that the WOL-package what i have sent over my phone no longer reaches the fire - i tried it again, but no luck. Then i deleted the rule and created it new… same result… the fire doesnt react on this income anymore.
Then i implemented the rule directly at the file /var/ipfire/firewall/config to see, if this is working. but also no luck. It seems that the firewall is no longer reacting at any created rule…
I am not a software engineer and explaining this in english is not easy…
Fact is: No changes on the rule set, but not working anymore…

This would mean the MAC address is different.
Will this route by IP address also?
Sorry for making noise.

1 Like

Yep - that was the only change i did. The Server got a new NIC…
And the second thing was, i couldnt use the old IP so i gave him a new IP.
But what i dont understand: When i delete the “old” rule and create a “new” one, its not working too.

The server had 3 changes of NICs - the IPs of the two first NICs are still at the arp-cache and i cant delete it - also a strange thing.
When i use arp -n, the old IPs are still there with the flag “CM”.
The last change of the NIC was 6 months ago and right now with a new one…
The last and newest IP has the flag “C”

Can you wake PC for IPfire WUI.
That would help rule out PC/nic.

What do you exactly mean?

From the wake on lan page of the IPfire WUI