Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT GUI slow when using PfBlockerNG Alias

    pfBlockerNG
    2
    2
    134
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mattch
      last edited by

      Hi!
      I use PfBlockerNG lists in alias native mode, custom ipv4 lists. I attach the alias to NAT rules.

      One or two rules its fine but when I apply it to more rules, 15, the NAT GUI page takes for every to load, about a minute. I assume its because the alias is huge being mostly US/US_rep.

      Is that normal/expected? Any way I can speed it up? Memory usage is fairly low, less 10% of 4gb.

      thanks you

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Rebel Alliance @mattch
        last edited by

        @mattch it downloads the alias for each rule I think. Or at least processes it.

        There’s one trick we found, at least for our purposes …instead of using the alias as a NAT source, allow any and control the access using one firewall rule for all applicable ports. So, disable the automatic rule creation and create your own. That way the alias is not on the NAT tab and is listed once on the interface tab.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 1
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.