Netgate Discussion Forum

    Firewall rules bug after configuration restore?

    • jt

      After a config restore from AutoConfigBackup the firewall rules seem to "forget" the alias assignment. Meaning, the aliases are all listed as expected, the rules show aliases as well, however, the firewall is actually blocking the traffic that the rule(s) were supposed to allow. In order to fix this, I had to delete the hostname from the alias, save, apply, then add the hostname back to the alias, save, apply. The rule then works as before.

      This is very confusing, as everything looks OK in the GUI: the firewall PASS rule shows the correct alias, the alias contains the correct hostnames etc., yet the traffic is being blocked.

      Is this a known bug related to how AutoConfigBackup restore works? I haven't been able to find it.

      Now that I know how it "works", it's not a problem anymore, however, I just wanted to report it so it perhaps helps others who struggle with the same.

      • jimp Rebel Alliance Developer Netgate

        I have not seen that happen before, but it sounds like the firewall just had not resolved the contents of the alias yet. It takes about 5 minutes between checks for alias hostnames, but you can lower that value at System > Advanced, Firewall & NAT tab, Aliases Hostnames Resolve Interval.

        • jt

          thx, @jimp

          I tried waiting for hours, even days. I found out about this by making config changes on Friday, then just checked the fw rules are in place, but didn't actually test. Then, on Monday, users complained about network apps not working. Turned out it started to work once I removed the hostname from the alias, saved/applied, and then added the same value back again.

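The symptom in this thread (rule and alias look correct in the GUI, traffic is still blocked) can be checked from the shell, because pf matches against the table that backs the alias, not against the hostnames shown in the GUI. The script below is an added example, not part of the original posts or Netgate's code: `table_drift` and `check_alias` are hypothetical helper names, and using `getent hosts` as the resolver is an assumption.

```shell
#!/bin/sh
# Added example: compare a hostname alias's pf table with current DNS answers.
LC_ALL=C; export LC_ALL

# Strip whitespace and blank lines, then sort uniquely so both inputs compare cleanly.
normalize() { tr -d ' \t\r' | sed '/^$/d' | sort -u; }

# table_drift TABLE_DUMP RESOLVED
#   TABLE_DUMP: file with `pfctl -t <alias> -T show` output (one address per line)
#   RESOLVED:   file with the addresses the alias hostnames resolve to right now
# Prints EMPTY / MISSING <addr> / STALE <addr> lines.
# Returns 0 when table and DNS agree, 1 on drift, 2 when the table is empty.
table_drift() {
    td_t=$(mktemp); td_r=$(mktemp)
    normalize < "$1" > "$td_t"
    normalize < "$2" > "$td_r"
    # MISSING: DNS returns it but pf does not have it, so a pass rule will not match.
    # STALE:   pf still has it but DNS no longer returns it.
    td_out=$(
        comm -13 "$td_t" "$td_r" | sed 's/^/MISSING /'
        comm -23 "$td_t" "$td_r" | sed 's/^/STALE /'
    )
    td_rc=0
    if [ -n "$td_out" ]; then td_rc=1; fi
    if [ ! -s "$td_t" ]; then td_rc=2; echo "EMPTY"; fi
    rm -f "$td_t" "$td_r"
    if [ -n "$td_out" ]; then printf '%s\n' "$td_out"; fi
    return "$td_rc"
}

# check_alias ALIAS HOST...   (run as root on the firewall itself)
# Assumption: `getent hosts` is available and prints the address in column 1;
# it may return only one address family, so treat STALE results with care.
check_alias() {
    ca_alias=$1; shift
    ca_t=$(mktemp); ca_r=$(mktemp)
    pfctl -t "$ca_alias" -T show > "$ca_t"
    for ca_h in "$@"; do
        getent hosts "$ca_h" | awk '{print $1}'
    done > "$ca_r"
    ca_rc=0
    table_drift "$ca_t" "$ca_r" || ca_rc=$?
    rm -f "$ca_t" "$ca_r"
    return "$ca_rc"
}
```

Running `check_alias <alias> <hostname>...` right after a restore and again after the resolve interval has passed shows whether the table was ever populated; a result of `EMPTY` matches the behaviour described in the first post.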
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.