pfSense/pfBlockerNG kills existing OUTbound states with IPs in "Deny Inbound" and "Alias Match" IPv4 categories.
I suspect, but have not verified, that the other action types will kill matching states regardless of direction.
Running pfSense 24.03-RELEASE on Netgate hardware with pfBlockerNG 3.2.0_10.
In Firewall > pfBlockerNG > General, Kill States is checked.
A "Deny Inbound" config is:
Firewall > pfBlockerNG > Edit > IPv4 is as follows:
Alias Name: Google_ASN
IPv4 Lists: Format: ASN, State: ON, Source: AS15169 [ GOOGLE, US ], Header/Label: AS15169
List Action: Deny Inbound
Update Frequency: Once a day
Enable Logging: Disabled
States Removal: Enable
The pfBlockerNG log file has entries with multiple Google IPv4 addresses and the private LAN IPv4 addresses connected to them:
[ pfB_Google_ASN_v4 ] Removed 2 state(s) for [ 130.211.16.53 ]
igc1 tcp 130.211.16.53:443 <- 192.168.X.Y:59190 FIN_WAIT_2:FIN_WAIT_2
ix3 tcp 167.248.12.173:59190 (192.168.X.Y:59190) -> 130.211.16.53:443 FIN_WAIT_2:FIN_WAIT_2
More "alias configs" with different IPv4 addresses and "List Action" set to "Alias Match" exist. The pfBlockerNG update log contains entries similar to the above example with IPv4 addresses in these "Alias Match" configurations.
An old thread describes states NOT killed when aliases are updated:
https://forum.netgate.com/topic/121921/states-not-being-killed-pfblockerng
The description of the global kill states option, emphasis mine:
When 'Enabled', after a cron event or any 'Force' commands, any blocked IPs found in the Firewall states will be cleared.
Is the intent of the "States Removal" option for individual configs to be set to "Disabled" to skip the kill state action when the "List Action" is set to one of the non-deny-both types?
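
Added example, not part of the original post: a Python script that reads "Removed N state(s)" entries like the ones quoted above and labels each killed state by which end opened the connection, so the share of outbound states cleared per alias can be audited. It assumes pf's state display convention (`A <- B` means B initiated to A, `A (orig) -> B` means orig initiated to B); the function name `classify` and the second sample block are constructed for illustration.

```python
import re

# Line pfBlockerNG logs when it clears states for a listed address.
HEADER = re.compile(r"\[\s*(pfB_\S+)\s*\]\s+Removed\s+\d+\s+state\(s\)\s+for\s+\[\s*(\S+)\s*\]")
# State line: iface proto left:port [(pre-NAT:port)] arrow right:port state
STATE = re.compile(
    r"^(?P<iface>\S+)\s+(?P<proto>\S+)\s+(?P<left>\S+?):\d+"
    r"(?:\s+\((?P<orig>\S+?):\d+\))?\s+(?P<arrow><-|->)\s+(?P<right>\S+?):\d+(?:\s|$)")

# First block is the excerpt from the post; the second block is constructed.
SAMPLE = """\
[ pfB_Google_ASN_v4 ] Removed 2 state(s) for [ 130.211.16.53 ]
igc1 tcp 130.211.16.53:443 <- 192.168.X.Y:59190 FIN_WAIT_2:FIN_WAIT_2
ix3 tcp 167.248.12.173:59190 (192.168.X.Y:59190) -> 130.211.16.53:443 FIN_WAIT_2:FIN_WAIT_2
[ pfB_Constructed_v4 ] Removed 1 state(s) for [ 203.0.113.9 ]
igc0 tcp 198.51.100.20:443 <- 203.0.113.9:40112 ESTABLISHED:ESTABLISHED
"""

def classify(log_text):
    """Return (alias, listed_ip, iface, direction, other_end) per killed state."""
    rows, alias, listed = [], None, None
    for line in (l.strip() for l in log_text.splitlines()):
        header = HEADER.search(line)
        if header:
            alias, listed = header.groups()
            continue
        state = STATE.match(line)
        if not state or listed is None:
            continue
        # Assumed pf display convention: "A <- B" means B opened the connection
        # to A; "A (orig) -> B" means orig (NATed to A) opened it to B.
        if state["arrow"] == "<-":
            src, dst = state["right"], state["left"]
        else:
            src, dst = state["orig"] or state["left"], state["right"]
        if dst == listed:
            rows.append((alias, listed, state["iface"], "outbound", src))
        elif src == listed:
            rows.append((alias, listed, state["iface"], "inbound", dst))
        else:
            rows.append((alias, listed, state["iface"], "unrelated", src))
    return rows

if __name__ == "__main__":
    for row in classify(SAMPLE):
        print("{0}: state on {2} for {1} was {3} (other end {4})".format(*row))
```

Run against the excerpt from the post, both Google_ASN states come out as "outbound": the LAN host is the initiator on the LAN-side state and on the NATed WAN-side state.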