PFBlockerNG changing the order of my own Floating Rules
-
I have a number of floating rules in addition to the rules automatically created by PFBlockerNG.
I'm finding that after an update of the PFBNG tables, the ordering of my own rules are changed.
Is there a way to ensure that the ordering of the additional rules is maintained after the tables are updated?
Confirming I have Default Order: | pfB_Block/Reject | All other Rules | (original format) enabled.
thanks
-
The "Auto rules" don't fit all scenarios… If you have interleaved permit/block rules, then the Auto type rules will not work for your needs... Click on the Blue infoblock icon in the IPv4 Tab to get specific help on using "Alias type" rules which will require you making the rules manually and associating the pfBlockerNG Aliastables...
-
Hi BBcan177,
maybe I didn't explain myself properly. The PFB floating auto-rules do the job I want them to do just fine. What I am finding is that after an updated my own rules order is changed.If you look at the floating rules, the PFB rules are on top, and my own rules are below them, say in order ABCDE. When an update of the PFB tables happens as per schedule, the PFB rules are still on top, an my rules are still below them, however the order of my rules is now something random like BADEC.
Maybe I'm reading it wrong, but the Rule Order option I selected Default Order: | pfB_Block/Reject | All other Rules | (original format), should maintain my own rules in the same order I applied them.
thanks
-
ok I will see if I can improve that in the next release… Thanks!
-
I'm facing the exact same issue over here. The order of the floating rules is being messed up by pfBlockerNG.
ok I will see if I can improve that in the next release… Thanks!
Thank you so much for the time and work you've put into the project, but please do look into this issue… :-*
-
This post is deleted! -
Pre-empting any comments re: why I chose this seemingly "stale" post, the issue covered in this thread remains current and unresolved which makes this the proper place to continue an open conversation.
Moving on, let me ask - what was the outcome on this? Given the feedback provided by more than a few users, it's pretty clear that there's either a bug with the Rule Order default setting or a misunderstanding in the user community as to how this setting is supposed to work.
Several users, such as myself, understand this setting to do the following:
- Place the pfB rules at the top of the rules list;
- Move all other user-rules immediately after the pfB rules with all rule content & ordering left intact.
If this is inaccurate - no worries - but then please clarify this so the users understand what is truly intended by this setting. In terms of a work-around, I have seen numerous suggestions to just use "alias" type actions but that does not clarify what this setting is supposed to do.
Thanks.
PS: This is an incredible package - thank you for taking the time to provide it to us...very much appreciated.
-
I am relatively new to pfBlockerNG_devel 2.2.1_1. That said, I spent over 1 day, non-stop, working to setup and configure this amazing new package. Wow.
This particular issue of rule re-ordering is, how shall we put it? Annoying. Vexing? Terrifying?
I think I will post a new thread with my thoughts on this and other issues. My thought is that more needs to be done to stop rule re-ordering (DNSBL appears to still require it?) and (better) explain alternatives to Auto Rule additions. Also, I feel that this issue could be minimized with a new enhanced "Suspension" system.
-
ok I will see if I can improve that in the next release… Thanks!
It is the last Quarter of 2019 and still no changes on it or did I miss an update or a memo on it. You have a great product, but I do not understand what makes this behaviour just leave alone the order the user already set and allow the user to enable/disable auto ordering/positioning?
So I have 3 suggestion for this:
1). Add a rule Placeholder to where the pfBNG puts the rules and thus not modify any other rule before or after it, especially if the rules order is changed by the user after that2). After initially added the rules and the user is changed the order, just update in place rather than reorder it
3). Add an "Add Rules (initialize)" Action-Button to add the rules at the first time based on the order specified in the "Rule Order", Than no any update changes the rules, especially if the User is CHANGED IT. Any non-existing New rule group (if for example a new country or area is added) is added to the position based on the "Rule Order", but never changes the position of the Already existing ones. It is really very-very counter intuitive and becomes more contra-productive and not practical as I really doesn't want any of my order changed automatically after I set it. I really want to know if such is necessary and either approve to do such or click on a manual update link for that to happen.
-
Those are the default settings now... If none of those Auto rule settings work for your needs, you can always use "Alias Type" Action settings and manually create the firewall rules to suit. Click on the blue infoblock icon for the Action setting for more details.
