Possible alias bug in pfBlockerNG?
-
Or is it just me?
I have an IP alias called K_customer that I try to enter under "Custom Destination".
The auto-complete that normally suggest the alias once I start typing an alias when using the Firewall GUI, it doesn't appear when entering text in the "Custom Destination" input field. And if I just typed the alias directly, it doesn't store the value.
Here is what I try to accomplish (I had to manually put in the !K_customer on the rule in the firewall instead of in the pfBlocker GUI. pfBlocker seems to remove it when it is updated):
pfBlockerNG-devel 3.2.0_6 and pfSense 2.7.0
-
@fireix It looks like it only takes Network(s)-aliases. Remember you can create your own rules and only use the aliases created by pfBlocker in those.
-
@Bob-Dig Ah, so it will only accept aliases with a /28 and similar, not an alias with multiple single IPs.
Yes, I guess you are correct, I can bypass it by creating the fw rule manually outside pfBlocker and reference the pfBlocker-alias from there instead. I'll do that for now.
-
@fireix said in Possible alias bug in pfBlockerNG?:
@Bob-Dig Ah, so it will only accept aliases with a /28 and similar, not an alias with multiple single IPs.
Technically you could create those with /32.
-
@fireix said in Possible alias bug in pfBlockerNG?:
I can bypass it by creating the fw rule manually outside pfBlocker and reference the pfBlocker-alias from there instead.
This is how I use pfblocker - not really a fan of any sort of auto rules that might change either in scope or in location on the firewall. But the aliases features of pfblocker are far more flexible than the built in aliases you can do with just pfsense.
So I just let pfblocker create native aliases, and then use those in my firewall rules on my own. It works quite well..
-
@johnpoz Ok :) Work-around in place (the /32 thing also worked), thanks for the help!
