Question about floating rules (multi interface)



  • Hello,

    I am new to pfSense, maybe I am getting something totally wrong here.

    I want to use floating rules for a couple of interfaces to which the same basic rules shall apply.

    One Example of these rules is like this:

    Proto: ICMP v4/v6
    Direction: out
    Source: any
    SPort: any
    Dest: any
    Dest-Port: any
    Gateway: any
    Interfaces: multi-selected (opt) Interfaces to which rule should apply.

    Others are for DNS and package updates. As these rules are very basic, there are currently no other rules per interface which might conflict.

    But these rules are not matched, not even with Quick option. In Logview I see "denied by default rule".

    These rules only work if I define them for each interface separately. Only after this step I can ping, resolve DNS names and download security updates.

    Did I get something wrong or isn't one function of floating rules to define rules that are valid for more than one interface?

    Thank you in advance :)


  • Rebel Alliance Global Moderator

    You're going to need to post your actual rules and what rules you have on the actual interface, etc. And what you're trying to stop if you want help determining how to do what you want.

    Blocking out to a lan interface wouldn't stop the client from pinging something for example because the traffic would be inbound to the interface, and the answer would come in via state.
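
The direction point in the reply above, written out as a pf.conf fragment. This is an added example, not part of the original thread and not the ruleset pfSense generates: the interface names `igb2` and `igb3` and the simplified default rules are assumptions, and only IPv4 ICMP is shown.

```pf
# Hypothetical opt interfaces that should share the same basic rules.
opt_ifs = "{ igb2, igb3 }"

# Simplified stand-ins for the defaults (assumption): anything arriving
# on an interface is denied and logged unless a rule passes it, while
# traffic leaving the firewall is allowed and creates state.
block in log all
pass out all keep state

# Direction "out" on the opt interfaces: this matches packets that LEAVE
# the firewall through igb2/igb3, i.e. traffic heading towards the hosts
# on those networks. A ping sent BY a client behind igb2 arrives inbound
# on igb2, so this rule is never evaluated against it; with or without
# "quick" the packet falls through to "block in log all" and shows up in
# the log as denied by the default rule.
pass out quick on $opt_ifs inet proto icmp all keep state

# Direction "in" on the same interfaces: this is where the client's echo
# request is seen first. Passing it here creates a state entry, and the
# echo reply coming back is allowed by that state without a rule of its
# own on any interface.
pass in quick on $opt_ifs inet proto icmp all keep state
```

With only the "out" rule loaded, a client behind `igb2` cannot ping through the firewall; with the "in" rule loaded, one rule covers both interfaces.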