Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Best Practice for Firewall Rules?

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 3 Posters 498 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MichaelCropper
      last edited by

      Configure on Inbound Interface?

      Configure on Outbound Interface?

      Both?

      I'm assuming it's a bit of a mixture, but asking more as a best practice to ensure things are easy to manage in the long term when things get more complex.

      Any handy guides / reference material that can be researched further that would be handy.

      Likewise, any handy guides / reference material for how to debug when things should be working but aren't.

      Regards
      Michael

      AndyRHA S 2 Replies Last reply Reply Quote 0
      • AndyRHA
        AndyRH @MichaelCropper
        last edited by

        @michaelcropper There are a few posts in this thread that should help.

        https://forum.netgate.com/post/1042405

        o||||o
        7100-1u

        1 Reply Last reply Reply Quote 1
        • S
          SteveITS Galactic Empire @MichaelCropper
          last edited by

          @michaelcropper Rules are evaluated when traffic arrives on an interface.

          Floating rules are more complicated but can handle other types.
          https://docs.netgate.com/pfsense/en/latest/firewall/floating-rules.html

          Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
          Upvote 👍 helpful posts!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.