Netgate Discussion Forum

    New firewall rule doesn't take effect until I manually reset states

      gme

      Hi there,

      We had a brute-force SIP attack happen here that fail2ban resolved OK on the port-forwarded box.

      However, I wanted to stop it at the pfSense box and therefore clicked the Easy Rule to block. However, this did not take effect after applying the rule and seeing the filter update.

      It was only after I manually reset the states on the pfSense box that the rules applied and I could see traffic to our VoIP server being blocked at the pfSense box.

      Is this normal behaviour? I would have expected it to take effect when I saved the rule and the filter was applied.

      I am on version 2.0-RC Built On: Fri May 20 16:52:10 EDT 2011

      cheers

        GruensFroeschli

        Yes, this is normal and to be expected.
        The rules are checked when a state is created.

        Since in your case the states were already established, your new rule only affected new connections and not the already existing connections.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html
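
The behaviour described in the reply above, applied to one host instead of resetting every state: an added example (not part of the thread and not pfSense project code) that counts the states still held for a blocked address and removes only those with `pfctl -k`. The script name, the addresses and the sample state lines are constructed, and it assumes IPv4 addresses.

```shell
#!/bin/sh
# Added example, not from the thread. Run on the firewall as root:
#   sh kill-host-states.sh 203.0.113.7      (script name is hypothetical)

# Constructed lines in the style of `pfctl -ss` output (layout varies by pf
# version); documentation-range addresses stand in for attacker and PBX.
SAMPLE_STATES='em0 udp 192.168.1.10:5060 (198.51.100.1:5060) <- 203.0.113.7:5071 MULTIPLE:MULTIPLE
em1 udp 203.0.113.7:5071 -> 192.168.1.10:5060 MULTIPLE:MULTIPLE
em0 tcp 198.51.100.1:443 <- 203.0.113.70:40112 ESTABLISHED:ESTABLISHED
em1 tcp 192.168.1.20:51514 -> 192.0.2.55:80 ESTABLISHED:ESTABLISHED'

# Print the state lines on stdin that involve IPv4 address $1 exactly
# (203.0.113.7 must not match 203.0.113.70).
states_for_host() {
    awk -v ip="$1" '{
        for (i = 1; i <= NF; i++) {
            f = $i
            gsub(/[()]/, "", f)          # translated address is in parentheses
            if (split(f, p, ":") == 2 && p[1] == ip) { print; next }
        }
    }'
}

# Number of states on stdin that involve address $1.
count_states_for_host() {
    states_for_host "$1" | awk 'END { print NR }'
}

# Kill only this host's states, in both directions (see pfctl(8), -k).
kill_states_for_host() {
    pfctl -k "$1"                # states originating from the host
    pfctl -k 0.0.0.0/0 -k "$1"   # states from anywhere to the host
}

# Only act when given an address and pfctl is present.
if [ -n "${1:-}" ] && command -v pfctl >/dev/null 2>&1; then
    echo "before: $(pfctl -ss | count_states_for_host "$1") state(s) for $1"
    kill_states_for_host "$1"
    echo "after:  $(pfctl -ss | count_states_for_host "$1") state(s) for $1"
fi
```

Killing states by address leaves every other connection through the firewall untouched, unlike a full state reset.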

          gme

          Thank you very much GruensFroeschli

          I will remember this in the future when creating rules.

          Many Thanks

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.