No need to "Apply"
-
I was tweaking some advanced rule options in the webgui while monitoring those rules with
pflogpfTop and I found that settings are being applied without me having to push the big "Apply changes" button at the top of the rules page.
Specifically I was tweaking the "maximum states this rule can create" field. Once I hit save for that rule the new value got applied. No need to "Apply changes". However - not always - for an estimated 50% of the times I changed the values, the new values activated right away.I have not tested if changing anything else, or adding rules, behaves similary random.
I am using a nano 2.0.3 pre release (in sync with the current git version as of this writing).
-
If something else (watch the system logs) causes a filter reload before you press 'apply' then the new rules could be activated sooner than you might expect.
-
Hey, thanks Jim. That would explain it.
Could someone explain why pfSense reloads the rules from time to time/ on what occasions? -
It varies a lot, but it can be from things like interface events, scheduled changes, DNS changes, etc. Usually it would log the filter reload in the system log and just before it would likely show the reason.
