Netgate Discussion Forum

rules not applied/enforced

pfBlockerNG
    peterlecki
    last edited by peterlecki Jun 26, 2023, 8:32 PM Jun 26, 2023, 8:19 PM

    Default rule order
    pfb1.png

    Firewall rule created by NAT rule is all the way on the bottom, after all pfBlocker IPs
    pfb2.png

    pfb3.png

    Yet the connections are allowed
    pfb4.png

    My home IP is in the US (N. America), which is above my allow rule, so it should be blocked. If I change the port, then it blocks it.
    What am I not understanding?

      SteveITS Galactic Empire @peterlecki
      last edited by Jun 26, 2023, 10:33 PM

      @peterlecki Any chance the state was open before the firewall rule was created?

      https://docs.netgate.com/pfsense/en/latest/troubleshooting/firewall.html#new-rules-are-not-applied

      Is your IP (subnet block) somewhere in another pfB list, and deduplication is enabled?

      On WAN it's generally not needed to block incoming packets because of the default "block all" rule. From LAN outbound is a different thing because that has a default "allow all" rule, on LAN only.

      Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
      When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
      Upvote 👍 helpful posts!

        peterlecki @SteveITS
        last edited by Jun 27, 2023, 5:41 PM

        @SteveITS
        The "new-rules-not-applied" article you linked led me to Status > Filter Reload where I saw a loading error of pfB and adjusted a setting in the Advanced>NAT tab which fixed the problem.
        Thank you for this quick response.
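
The first question in the reply above (was the state open before the rule was created?) can be checked from the state table. The following is an added example, not part of the original thread: it parses verbose state output in the style of `pfctl -vvss` and lists states older than the rule change. The sample text, addresses, port, rule number and the 600-second window are constructed assumptions.

```python
import re

# Constructed sample modelled on `pfctl -vvss` output (not taken from the thread).
SAMPLE = """\
igb0 tcp 192.168.1.10:8443 (203.0.113.1:8443) <- 198.51.100.7:50112       ESTABLISHED:ESTABLISHED
   [100 + 65535] wscale 7  [200 + 65535] wscale 7
   age 01:12:40, expires in 23:59:31, 812:790 pkts, 91022:455120 bytes, rule 142
   id: 0000000000000001 creatorid: 0a0b0c0d
igb0 tcp 192.168.1.10:8443 (203.0.113.1:8443) <- 192.0.2.44:40022       ESTABLISHED:ESTABLISHED
   [300 + 65535] wscale 7  [400 + 65535] wscale 7
   age 00:02:05, expires in 23:59:58, 20:18 pkts, 2100:9800 bytes, rule 142
   id: 0000000000000002 creatorid: 0a0b0c0d
"""

# Detail line of a state entry: age HH:MM:SS ... rule N
AGE_RE = re.compile(r"^\s+age (\d+):(\d{2}):(\d{2}),.*\brule (-?\d+)")


def parse_states(text):
    """Yield (state_line, age_seconds, rule_number) for each state entry."""
    header = None
    for line in text.splitlines():
        if line and not line[0].isspace():
            header = " ".join(line.split())  # first line of a state entry
            continue
        m = AGE_RE.match(line)
        if m and header:
            h, mi, s, rule = map(int, m.groups())
            yield header, h * 3600 + mi * 60 + s, rule
            header = None


def states_older_than_rule(text, seconds_since_rule_change, port=None):
    """Return states created before the rule change. pf matches packets
    against existing states first, so these keep passing traffic until
    they expire or are killed, whatever the new ruleset says."""
    out = []
    for header, age, rule in parse_states(text):
        if age <= seconds_since_rule_change:
            continue
        if port is None or re.search(rf":{port}\b", header):
            out.append((header, age, rule))
    return out


if __name__ == "__main__":
    # Assumption: the block rule was added 10 minutes (600 s) ago.
    for header, age, rule in states_older_than_rule(SAMPLE, 600, port=8443):
        print(f"predates rule change by {age - 600}s (rule {rule}): {header}")
```
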

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.