Firewall NAT Rule Disabled But Access Still Allowed Through
-
Hello Community,
I have disable a Firewall NAT rule, but access through the firewall is still permitted.
Can someone please explain - especially as I paid the full subscription price to support this project.
-
So now I'm beginning to wonder if I should have done a bit more research by investing time and money into this so called Firewall….
I have now disabled the Firewall rule in both Firewall NAT and rule and access is still allowed..
What gives?????
-
Perhaps you should invest more time into reading the docs?
https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting#Dangling_States
Not to mention, having to disable the firewall rule after disabling the NAT rule sounds like you somehow forgot to press the Apply button altogether.
-
The NAT firewall are two completely separate features. The NAT conveniently make a pass firewall rule for you, but that's about the amount of cross talk the two features will do. In other words, disabling the NAT does nothing to making changes to your firewall, as it should be.
It is well documented that the firewall rules only apply to NEW states, not existing ones.
-
"especially as I paid the full subscription price to support this project."
Well then I would suggest you contact support vs posting on the forum asking for people to describe what a state is to you..
-
cpatte7372,
I must say that your preferred communications method, where you slag the firewall due to your limited knowledge and then act entitled because you paid for a Gold subscription (which entitles you to nothing in the way of support), isn't making you many friends here. Nobody expects you to be a network expert, but acting all huffy when you can't figure something out and trying to shame ESF or others into helping you just leaves a bad taste in the mouth.
-
Well he said FULL subscription, not gold? That would include 2 hours support. Gold is more a way of supporting the cause. I think it gets you a gold star on the forums sometime in the future ;)
But I completely agree with your assessment
-
I thought he mentioned a Gold sub in one of his earlier posts. Regardless, anyone can get off on the wrong foot sometimes. I don't want people to get scared off the project due to initial communications issues or some small misunderstanding. Pride and ego can get in the way of things, sometimes.
