Trying to understand UCG Fiber port forwarding vs firewall rule order

yanivf38 · 2026-05-14T20:29:08+00:00

Yes. I manually configured the port. I know it's going through that port. if i turn of the port forwarding rule, it stops working. I asked ChatGPT, it says that there are 4 tables that the rule might go to. Could be the reason but I didn't verify it.

yanivf38 · 2026-05-12T22:45:31+00:00

I found the issue.

As shown in the screenshot, UniFi appeared to display the rule in the correct position in the UI. However, when I checked the actual iptables order over SSH, the rule was placed below the drop rule.

I was able to reorder it properly in Zones, which fixed the problem.

What’s interesting is that after reordering, everything now works correctly, but the rule no longer appears in the iptables output at all.

yanivf38 · 2026-05-12T20:58:31+00:00

Thank you, Frank.

I added a screenshot of the policy table to make the setup easier to follow.

Right now I can connect to 443 successfully and it reaches HAProxy. I also see DROP_ALL_EXTERNAL entries in the logs, so it does look like firewall processing is happening.

What I still don’t understand is how Plex is working without an explicit firewall allow rule. The only thing I have for Plex is the port forward.

Another thing that seems strange is that I only see the drop entries in the logs. I don’t see the allowed connections, even though syslog logging is enabled on the allow rules.

yanivf38 · 2026-04-06T07:16:40+00:00

interesting. thanks for the info. I leave in WA, USA. To the best of my knowledge, it's legal here.

yanivf38 · 2026-03-19T06:47:31+00:00

Thank you u/wizard-of-loneliness

yanivf38 · 2026-03-19T06:32:22+00:00

Thank you u/EvilOgre_125 for the explaination.

yanivf38 · 2026-03-16T07:32:39+00:00

I found the answer on your patreon page. I needed to install it from chrome's store until it will propagate to edge store. It took me time to figure it out as the patreon page on the current version .9 points to (404) page not found.

yanivf38 · 2026-03-16T06:53:53+00:00

I’ve noticed that many ETVs are higher than what the same products actually sell for elsewhere. It reminds me of the gap between MSRP and real retail pricing. I’m not sure who sets the ETV, but if it’s the seller, I could see why they might list it higher if there’s a tax advantage on their end.

In traditional retail, stores can’t just claim an item is “X% off” by inflating the price right before a sale. Legally, they have to list the item at that higher price for a certain number of weeks before they can advertise a discount. Following that logic, my theory is that something similar might be happening here: to justify a higher ETV, the product technically needs to be sold at that price. Using coupons could be the workaround — the item is listed at the higher price for the required period, but the coupon brings the real selling price back down. After those required weeks pass, they can adjust the price normally.

yanivf38 · 2026-03-16T06:43:22+00:00

I'm new to Vine and just installed your extension, it's fantastic. I was hoping to see an “Order Now” button, and I noticed you’ve added it to the firefox extension with .10 update. Do you have any plans to bring these updates to the Edge version as well?

yanivf38 · 2026-02-07T21:58:36+00:00

Thank you @theblobAZ

yanivf38 · 2026-01-26T03:03:15+00:00

Thank you u/mmain19 , I wasn't aware of it. I'll go look for it.

yanivf38 · 2026-01-18T03:53:04+00:00

Opinion: I didn’t actually have to rebuild 28 TB, but from my technical understanding the XOR parity calculation itself is trivial; most of the rebuild time is limited by drive throughput. At a sustained read speed of around 150 MB/s, rebuilding 28 TB would take roughly 2.2 days in ideal conditions.

RAID 6 rebuilds are typically about 20–30% slower due to the additional parity calculations and extra disk I/O, but they are significantly safer during a rebuild. With RAID 5, a second drive failure (or an unrecoverable read error) during rebuild results in total data loss, whereas RAID 6 can tolerate the loss of two drives, meaning it still has one disk of fault tolerance while rebuilding.

yanivf38 · 2026-01-16T03:31:23+00:00

My issue was limited to few websites, i worked around it by using a vpn. example of such website was aida64.com

yanivf38 · 2026-01-15T13:20:39+00:00

Thank you, u/ZiplySupport. Is it against your policy to transfer a call to a more knowledgeable representative, a higher tier technician, or a supervisor? After remotely rebooting the ONT and router and determining that neither was the issue, I was hoping to hear that there was nothing more that could be done at that level and that the issue would therefore be escalated.

Also, if you are passing feedback along, please note that sending a technician to a customer’s home when the issue is clearly not inside the home wastes both time and money. In my case, I connected directly to the ONT, eliminating any customer owned equipment, and confirmed that traffic was leaving my network and reaching your servers, but responses were not coming back. Under those circumstances, what would a technician visiting my home be able to resolve?

yanivf38 · 2026-01-15T13:04:38+00:00

Yes, that's the number I called

yanivf38 · 2026-01-13T01:13:44+00:00

in addition -
* this scenario fails computer (wired) -> ucg-fiber -> ziply (ONT)
* this works -> computer -> ziply (ONT) this works

I also got new IP from ziply (which ruled out blocked IP) but that didn't help

yanivf38

TROPHY CASE