Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    floating rules not working

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 320 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E Offline
      enesas
      last edited by enesas

      I add the DNS block rule to the floating rules, it doesn't work. However, it works when the related VLAN is added to the interface. floating ip blocking as rule works but external DNS blocking does not.

      What could be the reason?

      Version 2.6.0-RELEASE

      floating1.PNG

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ Online
        johnpoz LAYER 8 Global Moderator @enesas
        last edited by

        @enesas Well that rules show that it has never been evaluated, see the 0/0 B under states.

        For a rule to be evaluated, it has to match. And if floating you would want quick marked on it.

        So yeah you would have to have the correct interface selected..

        Also with block rules, if there was already existing state that allows the traffic, the rule would never be evaluated because states are looked at before rules.

        But you need the double little green arrows on floating rules to mark them as quick.

        quick.jpg

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8, 25.07.1

        E 1 Reply Last reply Reply Quote 0
        • E Offline
          enesas @johnpoz
          last edited by

          @johnpoz said in floating rules not working:

          @enesas Well that rules show that it has never been evaluated, see the 0/0 B under states.

          For a rule to be evaluated, it has to match. And if floating you would want quick marked on it.

          So yeah you would have to have the correct interface selected..

          Also with block rules, if there was already existing state that allows the traffic, the rule would never be evaluated because states are looked at before rules.

          But you need the double little green arrows on floating rules to mark them as quick.

          quick.jpg

          yes i ticked fast and it worked. I skipped it.
          Thank you for your quick reply.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.