pfsense duplicated firewall rules
-
hello,
I'm using the pfblockerng and the rules were in the floating tab, I changed and I also changed the rules order into the pfblockerng -> ip section and after that, all my wan interface rules are a mess
mostly all the rules are repeated several times !!
how to fix it?
thanks!! -
That thread is nearly 3 years old. There have been a lot of fixes since then.
What pfSense version are you running? What pfBlocker version?
-
@stephenw10
Hi, thanks for your prompt reply!
I'm using pfsense 2.7.2 and pfblockerng 3.2.0_8.
the problem begun when I changed the setting Firewall/pfBlockerNG/IP -> Floating Rules (uncheck Enable) and/or when I changed the Firewall 'Auto' Rule Order.
it seems that this was an old issue already corrected in the 2.6 release but it could be a regression issue?
thanks again! -
Hmm, are you able to manually remove the duplicates? Or all the pfBlocker rules and then resave pfBlocker to re-add them?
-
@michel-feria said in pfsense duplicated firewall rules:
and pfblockerng 3.2.0_8.
Why not the latest version :
the one with 'less bugs'
edit : oh, wait ... pfSense 2.7.2 ....
-
@stephenw10
Yes, I'm able to delete the duplicated rules but anytime that pfblockerNG update its rules, all the WAN rules are duplicated.
but wait, two conditions should be meet in order to replicate this behaiveur.
1- Passing floating rules in pfBlockerNG from Enable to disable (check box in the IP section)
2- changing the default order in the Firewall 'Auto' rule order (I changed the default order by the 2nd option to priorize the pfsense Pass/Match over the pfblocker pfB_Block. (the whitelisting is not working properly in the pfblocker btw)
after that, I did force update and the wan rules were duplicated, a restart also duplicate and so one, anytime that the pfblocker makes an update, the wan rules are duplicated.
it was a bug in the 2.5 version but normally, was fixed in the 2.6 version, however, I see the same issue in the version 2.7.2.
where is the proper place to register this as a bug? (maybe is a pfBlockerNG bug instead of pfsense bug)thanks very much
kind regards,
-
Yup if it is a bug it's in pfBlocker I would think. It should be here:
https://redmine.pfsense.org/projects/pfsense-packages/issuesNot seeing anything current for duplicate rules there.
