Netgate Discussion Forum
    Duplicate Rules Entries

    General pfSense Questions
    13 Posts 3 Posters 1.6k Views 3 Watching
    robbwk

      I've been using pfsense for about two months without any problems until a few days ago. Pfsense has begun to create duplicate entries in the firewall rules. I enter a single IP to be rejected and pfsense responds with two of the same IP in the rules.

      Any suggestions how I can resolve this anomaly?

      Thanks

        johnpoz (LAYER 8 Global Moderator) @robbwk

        @robbwk can you show us this rule?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07 | Lab VMs 2.8, 25.07

          robbwk

          First, thank you for your kind and quick reply. Appreciated.

          Here are a couple of screen grabs that, I hope, will be helpful: 2022-03-06_16-51-28.png 2022-03-06_16-52-15.png

            johnpoz (LAYER 8 Global Moderator) @robbwk

            @robbwk well one thing for sure you wouldn't want to use reject.. This sends a response..

            Why are you trying to reject them, default is deny - do you have port forwards open and you're trying to stop them from getting to your port forward?

            Or mail server? I can not say I have ever seen such a thing.. My guess would be your browser is double submitting the rule?

              robbwk

              I used Reject to try and impress on these folks that their Spam is not appreciated. I can easily change that to Deny. That isn't the point though. The double entry is the point.

              Yes, I am trying to protect mail servers. The amount of Spam I get is ridiculous and my storage system would be in serious trouble if I simply allowed all this rubbish to enter. I have SpamAssassin and Bayesian filtering on the mail servers but that requires a lot of multiple entries to stop some Spammers that change IPs and domains by the minute. Stopping the IPs is my only effective solution. pfSense has reduced incoming by 75%. It's a great piece of software.

              All I am trying to do is figure out why I get two entries. The rest is irrelevant.

              Grateful for your reply.

                stephenw10 (Netgate Administrator)

                Are you running pfSense 2.6?

                Check the actual config file /conf/config.xml and the generated ruleset file /tmp/rules.debug. Do the duplicate entries appear there too or is this a display bug?

                Steve

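One way to carry out the check Steve describes above without eyeballing the files, as an added example that is not code from this thread or from the pfSense project: it parses the `<filter>/<rule>` entries of a config.xml and the generated pf lines of a rules.debug, and reports rules that are functionally identical once the per-rule `tracker` / `ridentifier` and `label` fields (which differ even for duplicated rules) are ignored. The two sample inputs are constructed, abridged in the style of those files; the element names and the `ridentifier`/`label` token layout are assumptions about the pfSense 2.x format, so adjust them if your files differ.

```python
"""Report duplicate firewall rules in a pfSense config.xml and rules.debug (added example)."""
from collections import Counter
import xml.etree.ElementTree as ET

# Constructed sample, abridged in the style of /conf/config.xml (not the poster's attachment).
SAMPLE_CONFIG_XML = """<?xml version="1.0"?>
<pfsense>
  <filter>
    <rule>
      <type>reject</type><interface>wan</interface><ipprotocol>inet</ipprotocol>
      <source><address>203.0.113.10</address></source><destination><any/></destination>
      <tracker>1646581000</tracker><descr>block spammer</descr>
    </rule>
    <rule>
      <type>reject</type><interface>wan</interface><ipprotocol>inet</ipprotocol>
      <source><address>203.0.113.10</address></source><destination><any/></destination>
      <tracker>1646581001</tracker><descr>block spammer</descr>
    </rule>
    <rule>
      <type>pass</type><interface>wan</interface><ipprotocol>inet</ipprotocol><protocol>tcp</protocol>
      <source><any/></source><destination><address>192.0.2.25</address><port>25</port></destination>
      <tracker>1646581002</tracker><descr>smtp in</descr>
    </rule>
  </filter>
</pfsense>
"""


def _endpoint(elem):
    """Render a <source>/<destination> element as a stable string (any, address, !address, addr:port)."""
    if elem is None:
        return "?"
    if elem.find("any") is not None:
        base = "any"
    else:
        base = elem.findtext("address") or elem.findtext("network") or "?"
        if elem.find("not") is not None:
            base = "!" + base
    port = elem.findtext("port")
    return f"{base}:{port}" if port else base


def rule_signature(rule):
    """Fields that make two rules functionally identical. <tracker> and <descr> are
    deliberately left out: every saved rule gets its own tracker id, so it never matches."""
    return (
        rule.findtext("type") or "",
        rule.findtext("interface") or "",
        rule.findtext("ipprotocol") or "",
        rule.findtext("protocol") or "any",
        _endpoint(rule.find("source")),
        _endpoint(rule.find("destination")),
    )


def duplicate_config_rules(xml_text):
    """Return {signature: [tracker ids]} for every rule present more than once in config.xml."""
    root = ET.fromstring(xml_text)
    seen = {}
    for rule in root.iterfind("./filter/rule"):
        seen.setdefault(rule_signature(rule), []).append(rule.findtext("tracker") or "?")
    return {sig: ids for sig, ids in seen.items() if len(ids) > 1}


# Constructed sample in the style of /tmp/rules.debug (assumed pf syntax as pfSense emits it).
SAMPLE_RULES_DEBUG = """# User-defined rules follow
block return in quick on $WAN inet from 203.0.113.10 to any ridentifier 1646581000 label "USER_RULE: block spammer"
block return in quick on $WAN inet from 203.0.113.10 to any ridentifier 1646581001 label "USER_RULE: block spammer"
pass in quick on $WAN inet proto tcp from any to 192.0.2.25 port 25 ridentifier 1646581002 flags S/SA keep state label "USER_RULE: smtp in"
"""


def duplicate_pf_rules(rules_text):
    """Return {normalized pf rule: count} for rules.debug lines that repeat once the
    per-rule 'ridentifier N' pair and the trailing label are stripped."""
    counts = Counter()
    for line in rules_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        tokens = line.split(" label ")[0].split()  # drop the label and anything after it
        if "ridentifier" in tokens:
            i = tokens.index("ridentifier")
            del tokens[i:i + 2]  # remove the keyword and its numeric id
        counts[" ".join(tokens)] += 1
    return {rule: n for rule, n in counts.items() if n > 1}


if __name__ == "__main__":
    for sig, ids in duplicate_config_rules(SAMPLE_CONFIG_XML).items():
        print("config.xml duplicate:", sig, "trackers", ids)
    for rule, n in duplicate_pf_rules(SAMPLE_RULES_DEBUG).items():
        print(f"rules.debug duplicate x{n}:", rule)
```

Run it against the real files (read `/conf/config.xml` and `/tmp/rules.debug` into the two functions) to tell the three cases apart: a duplicate in both files means the rule really was saved twice, a duplicate only in rules.debug points at ruleset generation, and no duplicate in either means the GUI display is at fault.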
                  robbwk

                  Hi and thanks for your attention and time.

                  I'm running version 2.5.2. Are you suggesting that this version creates duplicate entries? I will upgrade, if you instruct.

                  I'll check the config and ruleset as you suggest. I'll respond tomorrow with appropriate information.

                  Thanks again for your advice and effort.

                    robbwk

                    Decided to do it now. Files (sections of) attached: pfsense-config-xml.txt rule.debug.txt

                      stephenw10 (Netgate Administrator)

                      Hmm so, yes, the rule is actually created twice. How exactly are you creating it?

                      I only asked what version you're running because we need that to attempt to replicate it if it really is a bug. However it's unlikely a bug discovered in 2.5.2 will get fixed at this point. If you can replicate it in 2.6 then we can open a report and dig deeper.

                      Steve

                        robbwk

                        Hi Steve, appreciate your time.

                        I create the rule using the drop-down form (GUI). I do not use command line to do this. The choices are simple and I can't imagine I'm doing anything unusual.

                        I will upgrade to 2.6 later today and run it with few rules to start. Then I will need to bring in the backup file from 2.5.2, or I will have to re-enter all the IPs, and I don't really have that amount of time to spare.

                        Bear in mind that PFSense did not start out creating duplicates. For the first month or so, it created a single entry from my choices.

                        A little more information: I run the firewall as a VM in vSphere 6.7.

                          stephenw10 (Netgate Administrator)

                          Are you running as an HA pair? Or config syncing for any other reason?

                          It's hard to imagine anything that could cause that. 🤔

                          Since it's a VM you can easily snapshot it and roll back if upgrading to 2.6 makes no difference at least.

                          Steve

                            robbwk

                            Hi Steven,

                            Thanks for your message.

                            I have updated the software to version 2.6. I removed the duplicates (which I could not do in 2.5 as if I deleted one, the other also disappeared). I have added a few test IPs and all seems to be okay.

                            For me, at least, 2.5 had a glitch. 2.6, appears to have resolved it.

                            I am grateful for the help and advice given on this forum. If anything goes south over the next few days, I'll report to you.

                            Robb

                              stephenw10 (Netgate Administrator)

                              Ah, good to hear. 👍

                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.