Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Ethernet Layer 2 rules and Schedules not working

    Firewalling
    1
    2
    247
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sabertooth13
      last edited by sabertooth13

      I have a block rule setup under Ethernet rules, where all traffic is blocked for a MAC address based on a schedule.

      The issue is that the schedule does not work, I have to manually reload filters to activate/deactivate it.

      For example, if the schedule is inactive, the rule will not enable when it is scheduled to. The MAC address never gets blocked.
      If the schedule is active, then the rule never gets disabled when the scheduled time is finished. The MAC address stays blocked forever until I reload filters manually.

      I have also tried doing the opposite. Have an allow rule scheduled while always having a block rule, but the same issue arises. The allow rule does not follow the schedule.

      As a last resort, I am going to try to find the command to reload filters and setup a hourly cron job.
      EDIT: The command is /usr/local/sbin/pfSctl -c "filter reload". Will update post if works/does not work to temporarily fix the issue.

      d42fd8eb-b35f-4254-acae-6a09adbe52fa-image.png
      af5077b0-f58a-432b-8ce2-f4cc15a79e46-image.png

      S 1 Reply Last reply Reply Quote 0
      • S
        sabertooth13 @sabertooth13
        last edited by

        I can confirm with the cron job that the schedules work. I timed the command to run when the schedule is timed, so it doesn't need to run every hour.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post