FW rules keeping established connections

pedreter

Hi all,

When FW rules are applied, Is it possible somehow to decide whether to keep already established connections or Drop them?

Thanks...

Pet.

mer

@pedreter
I'm not sure of exactly how pfSense is applying the rules, but typically in "raw pf" you'd use pfctl command. My understanding is you need to explicitly flush states and other constructs.
To the best of my understanding, pfSense does not flush existing states nor is there an option to choose flush or not.

pedreter

Out of curiosity...

this does not tells much about myself but... ¿what is the default? keeping existing or dropping?

Pet.

mer

@pedreter to the best of my knowledge it should keep existing by default.
To flush the states (drop existing connections) I think it's under Diagnostics, States then look for a "Reset States".

pedreter

Thanks a lot, @mer !!!