Firewall rule not affecting active sessions
-
Hi all, I am a newbie to pfSense. I have a strange problem. This might have been addressed earlier, but I could not find it under the blogs. If you know, please send me a link or guide me through it.
MY SETUP
em0 WAN 208.50.82.16/24 static
Default GW 208.50.82.2
DNS 4.2.2.2
em3 LAN 192.168.2.233/24

THE ISSUE
If I ping the WAN IP of my firewall from another WAN network, I get "request timed out".
I added a rule under WAN that states:
pass in quick on em0 reply-to (em0 208.50.82.2) inet proto icmp all keep state label "USER_RULE
And I get a ping reply. But now, if I keep my ping window open and constantly ping the WAN address, and change the rule to the following:
block drop in quick on em0 reply-to (em0 208.50.82.2) inet proto icmp all label "USER_RULE:
I still get a ping reply. What I have noticed is that if I stop pinging for about two minutes and then ping again, the block rule kicks into action. But then I cannot disable it; I have to wait about 5 minutes after changing this rule from block to pass. This situation is consistent with SSH and HTTP. Rules will not affect the active sessions. Please help and guide me on what I am doing wrong here.
-
This is the way it works. If you want to apply your new rules to established connections, clear the state table.
-
Thank you for your reply. This was a big help. I was able to implement all firewall rules on the fly. After you pointed me in the correct direction, first I used
pfctl -F state
This did the trick and all new rules were implemented immediately.
Then I looked around in the web GUI and found the following, which made the job really easy:
DIAGNOSTICS -> STATES -> RESET STATES
THANKS :)
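The behaviour the thread is about (a rule change not touching an established connection until its state entry expires, and a state flush making the new rule apply at once) comes from pf evaluating rules only for the first packet of a flow; every later packet is matched against the state table. The model below is an added example written for this page, not code from the thread or from pf/pfSense (which is in-kernel C). It replays the poster's sequence against a toy stateful firewall: the `Flow`, `Rule` and `StatefulFirewall` names, the 120-second idle timeout, the remote address 198.51.100.7 and the implicit default deny are all assumptions of the example. `flush_states` stands in for `pfctl -F state` (Diagnostics > States > Reset States) and `kill_states` for the narrower `pfctl -k <host>`, which drops only the states of one address instead of every session through the box.

```python
# Toy model of pf's stateful evaluation (added example; not pf's own code).
# Rules are consulted for the first packet of a flow, later packets hit the
# state entry, and reloading the ruleset leaves existing states alone.
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Flow:
    """Connection identity reduced to what the example needs."""
    src: str
    dst: str
    proto: str          # "icmp", "tcp", ...


@dataclass(frozen=True)
class Rule:
    """A 'quick' rule on the WAN interface: first match wins."""
    action: str         # "pass" or "block"
    proto: str          # "icmp", "tcp" or "any"
    keep_state: bool = True


class StatefulFirewall:
    def __init__(self, rules: List[Rule], state_timeout: float):
        self.rules = list(rules)
        self.timeout = state_timeout          # idle seconds before a state expires (assumed value)
        self.states: Dict[Flow, float] = {}   # flow -> time of last packet

    def load_rules(self, rules: List[Rule]) -> None:
        """Applying a changed ruleset (pfctl -f / WebGUI apply): states are untouched."""
        self.rules = list(rules)

    def flush_states(self) -> int:
        """Stand-in for 'pfctl -F state' / Diagnostics > States > Reset States."""
        n = len(self.states)
        self.states.clear()
        return n

    def kill_states(self, host: str) -> int:
        """Stand-in for 'pfctl -k <host>': drop only states involving one address."""
        victims = [f for f in self.states if host in (f.src, f.dst)]
        for f in victims:
            del self.states[f]
        return len(victims)

    def _expire(self, now: float) -> None:
        for f in [f for f, t in self.states.items() if now - t > self.timeout]:
            del self.states[f]

    def packet(self, flow: Flow, now: float) -> str:
        """Verdict for one packet at time 'now' (seconds)."""
        self._expire(now)
        if flow in self.states:                 # state match: the ruleset is never consulted
            self.states[flow] = now
            return "pass (state)"
        for r in self.rules:                    # first matching 'quick' rule decides
            if r.proto in ("any", flow.proto):
                if r.action == "pass" and r.keep_state:
                    self.states[flow] = now     # only a pass rule creates a state
                return r.action
        return "block"                          # implicit default deny (assumed)


def reproduce_thread() -> List[str]:
    """Replay the poster's sequence; returns the verdict for each ping."""
    fw = StatefulFirewall([Rule("pass", "icmp")], state_timeout=120)
    ping = Flow("198.51.100.7", "208.50.82.16", "icmp")   # constructed remote host
    verdicts = []
    verdicts.append(fw.packet(ping, now=0))      # pass rule matches, state created
    fw.load_rules([Rule("block", "icmp")])       # rule flipped to block
    verdicts.append(fw.packet(ping, now=1))      # still passes: the state entry wins
    verdicts.append(fw.packet(ping, now=60))     # each ping refreshes the state
    verdicts.append(fw.packet(ping, now=300))    # idle > timeout: state gone, block applies
    fw.load_rules([Rule("pass", "icmp")])
    verdicts.append(fw.packet(ping, now=301))    # pass again, fresh state
    fw.load_rules([Rule("block", "icmp")])
    fw.flush_states()                            # the fix from the thread
    verdicts.append(fw.packet(ping, now=302))    # blocked immediately
    return verdicts


if __name__ == "__main__":
    for step, verdict in enumerate(reproduce_thread(), 1):
        print(f"ping {step}: {verdict}")
```

`kill_states` is worth knowing for the same reason the model makes it a separate method: `pfctl -F state` drops every state on the box, including your own SSH session and all LAN users' connections, whereas `pfctl -k 198.51.100.7` (or a source/destination pair with two `-k` options) removes only the states of the host you are trying to cut off, so a rule change can be enforced on one peer without disrupting everyone else.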