• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Disable NAT rule creation

Scheduled Pinned Locked Moved pfBlockerNG
9 Posts 3 Posters 646 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • ?
    A Former User
    last edited by Mar 27, 2021, 10:51 AM

    Dnsbl generates NAT forwarding rules. How can I disable this? Deleting the NAT rules doesn't work.

    V 1 Reply Last reply Mar 27, 2021, 9:52 PM Reply Quote 0
    • V
      viragomann @A Former User
      last edited by Mar 27, 2021, 9:52 PM

      @thisisme
      These rules are needed by DNSBL to work. If you don't like it disable DNSBL.

      ? 1 Reply Last reply Mar 27, 2021, 10:24 PM Reply Quote 0
      • ?
        A Former User @viragomann
        last edited by A Former User Mar 27, 2021, 10:27 PM Mar 27, 2021, 10:24 PM

        @viragomann I don't think it is. Redirecting the Ad to a useless response is more harmful than just dropping the request. In my opinion these automatic NAT rules are optional and I think they are unwanted behavior. I could add them by myself or don't use them at all. No need to force add them without consent.

        D V 3 Replies Last reply Mar 27, 2021, 10:32 PM Reply Quote 0
        • D
          Derelict LAYER 8 Netgate @A Former User
          last edited by Mar 27, 2021, 10:32 PM

          @thisisme Without consent is a little harsh. You consented when you installed the package.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          ? 1 Reply Last reply Mar 28, 2021, 6:12 AM Reply Quote 0
          • V
            viragomann @A Former User
            last edited by Mar 27, 2021, 10:32 PM

            @thisisme said in Disable NAT rule creation:

            Redirecting the Ad to a useless response is more harmful than just dropping the request

            If the traffic is simply dropped, pages will take longer to load in the web browser. Therefor it is redirected to a 1 px image.

            ? 1 Reply Last reply Mar 28, 2021, 6:09 AM Reply Quote 0
            • D
              Derelict LAYER 8 Netgate @A Former User
              last edited by Mar 27, 2021, 10:42 PM

              @thisisme It can also render the page much less pleasant, with broken image placeholders (browser-dependent), ALT text, etc.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              ? 1 Reply Last reply Mar 28, 2021, 6:14 AM Reply Quote 0
              • ?
                A Former User @viragomann
                last edited by Mar 28, 2021, 6:09 AM

                @viragomann said in Disable NAT rule creation:

                @thisisme said in Disable NAT rule creation:

                Redirecting the Ad to a useless response is more harmful than just dropping the request

                If the traffic is simply dropped, pages will take longer to load in the web browser. Therefor it is redirected to a 1 px image.

                This can't have a measurable effect. Adaway for Android drops the request too. Works pretty well on my device. If the pfsense rejects the packet instead of dropping it should be fast too.

                Anyway I see this as my choice. It will work both ways, so why don't have an option?

                1 Reply Last reply Reply Quote 0
                • ?
                  A Former User @Derelict
                  last edited by Mar 28, 2021, 6:12 AM

                  @derelict said in Disable NAT rule creation:

                  @thisisme Without consent is a little harsh. You consented when you installed the package.

                  If it sends my data to China I consented that too?

                  A nat forwarding rule isn't helpful without a proper firewall entry, but pfsense still gives me the option to add the rules by myself and not force pass everything.

                  1 Reply Last reply Reply Quote 0
                  • ?
                    A Former User @Derelict
                    last edited by Mar 28, 2021, 6:14 AM

                    @derelict said in Disable NAT rule creation:

                    @thisisme It can also render the page much less pleasant, with broken image placeholders (browser-dependent), ALT text, etc.

                    Adaway for Android does the same. Im fine with that. Why am I not allowed to decide this myself?

                    1 Reply Last reply Reply Quote 0
                    1 out of 9
                    • First post
                      1/9
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                      This community forum collects and processes your personal information.
                      consent.not_received