incoming NAT issue
-
Hello community
today I just noticed a kind of bug in pfsense 2.4.5-RELEASE-p1
while I disabled few incoming NAT rules but still the traffic was coming in from the outside world and the firewall just passing it.
-
@salmanghiyas Did you reset your states? Existing states are not affected by a firewall rule change.
-
@kom how to do that?
-
@salmanghiyas Diagnostics - States - Reset States
-
@kom said in incoming NAT issue:
@salmanghiyas Diagnostics - States - Reset States
Thanks, it worked, the only problem is we have RTP traffic going on so when I do that all calls go disconnected :/
-
@salmanghiyas That should only be a problem if you're frequently adding new block rules. Usually, you configure the firewall and then mostly leave it alone. If your situation requires these changes then it's best to set a time to make your changes outside of business hours. Or, you can use the state table (Diagnostics - States) and filter for destinations you're trying to block and then only reset those states instead of all established states.
-
@kom said in incoming NAT issue:
@salmanghiyas That should only be a problem if you're frequently adding new block rules. Usually, you configure the firewall and then mostly leave it alone. If your situation requires these changes then it's best to set a time to make your changes outside of business hours. Or, you can use the state table (Diagnostics - States) and filter for destinations you're trying to block and then only reset those states instead of all established states.
Thank you !
