Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall Rule Disables itself

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 4 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mhess
      last edited by

      Every few weeks we have a problem where a set rule suddenly is disabled. We are not working on the router or doing any modifications. Suddenly the rule (which is for http by the way) suddenly is disabled.

      We are NATting to a server inside the network. As stated the configuration is fine and it will work for weeks and then suddenly disable. The NAT is still fine and the Rule is still listed it is just disabled.

      Is there some setting or monitor that I am missing that is causing this Rule to be disabled?

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        Do you have a firewall schedule applied to that rule?  Or does someone else besides you have access to your webGUI?

        1 Reply Last reply Reply Quote 0
        • M
          mhess
          last edited by

          No we don't have any schedules setup. There is really just two of us that have any access to the router.

          However, my partners son probably knew the password as well. Before we/I came down on him, since he claims he never touched it, I wanted to make sure there wasn't something that could be doing it. We/I doubt it since I couldn't find any configuration or setting that could do it but one never knows.

          Thanks

          1 Reply Last reply Reply Quote 0
          • S
            sullrich
            last edited by

            @mhess:

            No we don't have any schedules setup. There is really just two of us that have any access to the router.

            However, my partners son probably knew the password as well. Before we/I came down on him, since he claims he never touched it, I wanted to make sure there wasn't something that could be doing it. We/I doubt it since I couldn't find any configuration or setting that could do it but one never knows.

            Never hard of this before outside of a CARP sync loop.  If you are using CARP make sure that you are not syncing from the backup to the primary.

            If you are not using CARP, change your passwords immediately.

            1 Reply Last reply Reply Quote 0
            • jahonixJ
              jahonix
              last edited by

              Old configs are stored in  /cf/conf/backup
              Check if a previous version has been written there. The time stamp on the file might give you another hint.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.