Possible Filter Reload Bug??
-
System: pfSense on PC Harddrive, 2 NICs, 1 WAN, 1 LAN.
Version: 1.0-SNAPSHOT-09-14-06
Installed Packages: Miniupnp with updated binary.Hi All,
I've been noticing that all the filter reload completes it doesn't seem to update the actual changes.
I have a small list of IP's in an alias to which I block outgoing access via the Firewall>Rules>LAN section. I create a block rule to the destination, and use the alias as the destination, and place above the default rule. This has always worked fine in the past. Now however, when I added an IP, and Applied the changes, the new additions don't get blocked, even after allowing time for the filter reload to take effect. The only time they are actually blocked is after a complete reboot.
Even after a complete removal of the rule and the alias, a reboot, and a readdition, it does not work. Only after a reboot.
This system is from a fresh install of RC2 from the ISO, and then the Full-Updates up to the present one installed (noted above.) The only manual tweaking has been the updating of the miniupnpd binary.
I don't know if this is a problem on my system only, or if others have noticed this as well, so I thought I should post this and see.
TIA,
JC -
Never seen and or heard of it.
Update to the latest snapshot to make sure you are up to date:
http://www.pfsense.com/~sullrich/1.0-SNAPSHOT-09-12-06/
-
I'm actually at SNAPSHOT-09-14-06, should I go back to the earlier one that your link points to?
-
Well, I tried something else.
The first "anchor" IP I had in the alias set was no longer the IP of the site I was trying to block, and for some reason, it seemed to keep the others from being blocked as well. Strange…anyway, it all seems to be working now. It's odd, because I tried many times and many different things and it just wasn't working, hence my post. But now all seems in order, so I think I'll just delete this whole topic and chalk it up to a system hicup ;)
Thanks...
-
I got the same problem!
You have to hit MONITOR after save the changes ;)
Then you need not a reboot! -
Can't reproduce this.