again: pfB is re-ordering rules

demux · Sep 21, 2018, 8:32 AM

Hi,

I had to add a permit rule for pfBlocker rules. For that I used the plus sign under Destination in FW logs. It is called "Easy Rule: Pass this traffic".
(Yes, I know I could have used Alerts Tab. I wanted to try this.)

At first it did not work because the rule was added at the end of the FW rules list, so I moved this rule up in front of the pfBlocker rules.
This morning I saw that the pfBlocker rules at the top are scrambled and I remembered that there was something with rule ordering when updating rules in the night.

My question is how to handle this elegantly.
I thought of the following:

In Firewall -> pfBlockerNG -> IPv4 -> (eg) Spamhaus -> List Action I will select Alias Deny. Order setting in General is the first one.
And if I had pfBlockerNG let create the rule as auto rule before and now change the rule to Alias Deny everything should work as expected.
This means pfB gets the nightly updates, updates the alias list, reloads the rules, but does NOT re-order or re-create the rules, means leaves them untouched.
(The same for DNSBL.)

Is this correct? Am I missing something? Can something break if I do this?

Thanks a lot!
-demux

dotdash · Sep 21, 2018, 5:36 PM

That's how it works when you use 'Alias Deny'. You have to set it to 'Alias Native' and make your own rules if you don't want it auto-mangling your rule set.

RonpfS · Sep 21, 2018, 5:55 PM

In the Firewall / pfBlockerNG / IP there is the Firewall 'Auto' Rule Order settings you can configure.

If the settings doesn't fit you needs, then you need to create your own rules.