Netgate Discussion Forum

    While pfBlocker updates interface rules pfSense ignores floating rules

    pfBlockerNG
    4 Posts 2 Posters 397 Views
    • Ellingson

      A very interesting thing is happening.

      I noticed that when pfBlocker is running its hourly cron to get updated feeds, pfSense seems to ignore the floating rules while the interface rules are being updated. To simplify things...

      I use floating rules (pass, quick) to allow my private DNS resolver (AdGuard on a Raspberry Pi) to access Quad9 DNS servers via TCP 443 and 853.

      I use pfBlocker to manage interface rules to block everyone from accessing any DNS service other than my private resolver.

      This works fantastically, except for about 90 seconds every hour when the cron for pfBlocker runs. After the updated IP lists are downloaded, it applies the changes to the interface rules. While those are being updated, it seems the floating rules are ignored and my private DNS resolver is blocked. Again... for just that 90 seconds or so. Then it works as normal.

      Crazy, eh?

      • SteveITS Galactic Empire @Ellingson

        @Ellingson How long does a filter reload take? Status > Filter Reload, and the Reload Filter button (arrows).

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        • Ellingson @SteveITS

          @SteveITS It is nearly instant. Think it has to do with writing to the aliases?

          • Ellingson

            I changed the feeds to be once daily, but just like clockwork, at 20 or so seconds after the hour, every hour - for 90 seconds the floating rules are ignored. Continuing to see what could cause this. Open to ideas.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.