Alias Host Name for Firewall Rule



  • Hello, i tried to create a firewall rule using an alias fully qualified domain name to filter tcp communication on a port but it doesn't work unless you use an IP address. I cant seem to find anything in the firewall logs to show me the issue. Maybe its a bug or the firewall cannot verify the domain name quickly enough? Has anyone else had an issue like this using alias's?
    Thanks


  • Galactic Empire

    Anything in Diagnostics -> Tables aliasname ?

    Screenshot 2019-06-19 at 13.41.17.png

    Screenshot 2019-06-19 at 13.41.31.png



  • Thanks for getting back to me.To get by I created the alias from the dns lookup tool on my pfsense firewall. Below is the table return:
    fd95b1e1-4eab-4778-9631-323f1c6de81f-image.png


  • Galactic Empire

    It's being used "Aliases become Tables when loaded into the active firewall ruleset. The contents displayed on this page reflect the current addresses inside tables used by the firewall."

    Are you not seeing hit the firewall rule you created with the alias, if so kill the firewall states.

    Post a screenshot of your rules.

    You can drag a screenshot into the reply.



  • These are my alias's and I highlighted the one i want to use that doesnt work. Below is also the table return for that alais. It only returns one IP address?
    eca0fd1d-b9a2-4b02-b709-9170d56d8f4e-image.png

    e57e6143-c7c6-4dd3-964b-c64a75075065-image.png


  • LAYER 8 Rebel Alliance

    Hmm maybe you want to adjust Aliases Hostnames Resolve Interval in System > Advanced > Firewall & NAT

    -Rico



  • Looks like that alias was corrupt for some reason. I re-created it and made sure it looked proper in the tables and now i'm good to go. Thanks so much for all your help.


Log in to reply