Bypass firewall rules for traffic on the same interface settings

2.2 Snapshot Feedback and Problems - RETIRED
Log in to reply
  • T

    Seems like "Firewall Optimization Options" and "Bypass firewall rules for traffic on the same interface" setting does not work after the upgrade from an earlier version of 2.2 to the latest.  The selection is retained but you have to toggle the box, save and then resave for them to work again.

    0
  • jimp
    Rebel Alliance Developer Netgate

    Hmm, that doesn't make a lot of sense. The net effect of that should have been no different than going to Status > Filter Reload and clicking "Reload Filter". If the setting is present, it would be honored, unset/reset wouldn't do anything special in that regard.

    0
  • T

    Thanks for the clarification.  My observation was based on the fact that firewall logs fill up with the Default deny rule on the LAN interface after each upgrade and seem to stop after toggling the option.  It might be just because the LAN connections bounce during that time… Just a PfSense Newbie observation I guess...

    Thanks

    0
  • C

    That's normal behavior for every stateful firewall, after rebooting (if you don't have HA in place) you'll block traffic from connection states that were killed by the reboot but are still active and attempted to be used elsewhere. Devices will figure that out quickly and re-establish, it's safe to ignore.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy