Netgate Discussion Forum

    Is there a way to copy firewall rules from one interface to another

    6 Posts 5 Posters 11.1k Views
    • guardian Rebel Alliance

      I just split my LAN into a couple of VLANs, so I've got a whole bunch of firewall rules that need to be changed because the LAN interface isn't really used anymore.

      Is there a quick way to extract the rules, so I can use a text editor to change the interface name?
      Then how can I reimport the modified rules?

      Would be very nice not to have to go one by one with the GUI.

      If you find my post useful, please give it a thumbs up!
      pfSense 2.7.2-RELEASE

      • chpalmer

        Easy enough-

        Copy the rule using the "Copy" icon under "Actions" on the right side of the rule.

        Edit the new copied rule and change the "interface" to your new VLAN.

        Save.

        edit- remove confusing statement/

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        • jahonix

          What chpalmer wrote is absolutely correct.
          Alternatively you could export your config.xml, edit it with a text editor and reimport it.

          Both are valid approaches.

          • KOM

            If you have a lot of rules then the import/export method would be best.

            • guardian Rebel Alliance

              Thanks all….

              A couple of follow-up questions...

              When you say export to xml, I am assuming that you mean with the GUI Backup function? 
              Or is there another better way from the shell?

              Can someone tell me if it is OK to hack a backup file like this:

              <pfsense>
                <version>15.5</version>
                <nat>RULE DATA</nat>
                <filter>RULE DATA</filter>
              </pfsense>

              just keeping the sections that I want?

              That way if I have a starting set of rules that I want, I could just do a restore.

              If it's OK to hack the backup, when I restore it, is it OK to restore all, or do I have to restore NAT and FIREWALL RULES as two separate operations?

              Do I have to do a full reboot after loading the rules, or is the restore enough?

              Or can I just run a command from the shell to reload the rules? 
              I saw this command (Source: https://www.linuxnet.ch/blog/technical-blog-1/post/important-cli-commands-2)

              /etc/rc.reload_all

              Can /etc/rc.reload_all be used in place of a reboot?

              If you find my post useful, please give it a thumbs up!
              pfSense 2.7.2-RELEASE

              • dlogan @guardian

                @guardian I wish someone would make this feature or a package that could do it. I would use the heck out of it.

                1 Reply Last reply Reply Quote 0
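The export, edit and reimport route suggested earlier in the thread can be scripted instead of done by hand in a text editor. The following is an added example, not code from any poster or from pfSense. It assumes the exported config.xml keeps rules under `<filter><rule>` with `<interface>`, `<tracker>` and `<network>` children, that `opt1`/`opt2` are the internal names of the new VLAN interfaces, and that tracker ids need to stay unique.

```python
import copy
import xml.etree.ElementTree as ET

# Constructed sample in the layout of an exported config.xml (not a real backup).
SAMPLE = """<pfsense>
  <version>15.5</version>
  <filter>
    <rule>
      <type>pass</type>
      <interface>lan</interface>
      <tracker>100</tracker>
      <source><network>lan</network></source>
      <destination><any/></destination>
    </rule>
    <rule>
      <type>pass</type>
      <interface>wan</interface>
      <tracker>101</tracker>
      <source><any/></source><destination><network>wanip</network></destination>
    </rule>
  </filter>
</pfsense>"""

def clone_rules(config_xml, src_if, dst_ifs):
    """Append a copy of every rule bound to src_if for each interface in dst_ifs."""
    root = ET.fromstring(config_xml)
    flt = root.find("filter")
    rules = flt.findall("rule")
    # Assumption: tracker ids must stay unique, so each copy gets a fresh one.
    next_id = max((int(r.findtext("tracker", "0")) for r in rules), default=0) + 1
    for rule in rules:
        if rule.findtext("interface") != src_if:
            continue  # other interfaces and multi-interface rules are left alone
        for dst in dst_ifs:
            new = copy.deepcopy(rule)
            new.find("interface").text = dst
            # "<if>" and "<if>ip" are the interface's net and address macros.
            for net in new.iter("network"):
                if net.text in (src_if, src_if + "ip"):
                    net.text = dst + net.text[len(src_if):]
            if new.find("tracker") is not None:
                new.find("tracker").text = str(next_id)
                next_id += 1
            flt.append(new)
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    print(clone_rules(SAMPLE, "lan", ["opt1", "opt2"]))
```

Diff the output against the original export before restoring it, since a copied rule that still points at the old interface's network macro would silently match nothing on the new VLAN.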
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.