firewall rules are not applied after a reboot of firewall, the fix is reapply or run status filter reload

bcruze

SG 3100. just upgraded to rc last night. then the latest this morning. 2.4.5.r.20200309.0300

upon reboot the alias/ rule i have for 2 macmini's is not working. the rule in place is for the traffic to go out a specific wan gateway. go to the rule, and reapply the setting under advanced options. it fixes it. OR if i click status then filter reload.

this has worked perfectly for years until the development version

jimp

Were there any errors or notices in the log when it wasn't working properly?

Does it work OK after a reboot (not during an upgrade, but a regular reboot)?

bcruze

a regular reboot, after the reboot the computers show traffic from my WAN connection. which is incorrect

the traffic rule specifically states a different gateway to be used.

status > reload filters fixes it instantly

i don't see any errors. is there a specific tab you want me to check. i checked openvpn, gateway, general. etc and nothing that i could see wrong

jimp

It would be under the general tab, if there were any. Might check the console as well.

Are there any hostnames in the alias there?

If you go to Diagnostics > Tables immediately after you boot, are there any entries in the table for the alias?

bcruze

i've applied the latest RC. rebooted. once i could login. diagnostics > tables. all alias where there and correct.

then i waited a few minutes, did a normal reboot. when i could login. all alias were there with the correct ip addresses of the devices

bcruze

i replied in my other thread about the alias is fixed by reinstalling the firewall on my SG 3100 back to stable and not restoring ANYthing previously. entirely rebuilt from scratch

i am now running sg 3100 on 2.4.4-RELEASE-p3 (arm) but have the same issue as i originally posted in this thread.

on the stable release, i have spent hours on trying to figure this out. in reading on redmine https://redmine.pfsense.org/issues/6028 if i am reading this correctly this affects ALL versions of Pfense? i have been using Pfsense for the past 3-4 years and never experienced this.

leads me to two things. is the image file for the sg 3100 contain issues my SG 4220 and SG 2220 did not have?

because i have been using these same rules, and yesterday they were built from scratch not restored from a previous firewall..

if this is the bug i just need to know that so i understand its being worked on

thank you Sir