Dyndns address as firewall alias?

  • I want to use a dynamic DNS host name as a firewall alias. Works great, but when the IP address changes for the dyndns client, pfsense doesn't understand the IP is changed. When pinging from pfsense, the correct IP is displayed, but the firewall is not catching it.

    Any way to "refresh" the firewall?

  • Rebel Alliance Developer Netgate

    In 2.0 there is a daemon which periodically re-resolves the addresses.

    On 1.2.3 it only resolves them when the filter is reloaded. You could use the cron package to schedule a filter reload, but that's a bit hackish. (Also on 1.2.3 if it can't resolve the hostname it will fail to reload the ruleset!)

    Best bet is to move up to 2.0 where it works perfectly.

  • Thank you for your answer - I didn't know there was a daemon handling this in 2.0, great news! At what intervals does this daemon work? Or - can it be changed? Probably not needed in my setup, just curious :)

  • Rebel Alliance Developer Netgate

    I think it's every 5 minutes, might be a little lower. Probably no real good reason to set it much lower than that.

Log in to reply