Why we need a server restart with any change



  • friends i am very new to this.. yesterday only started my day with PFsense.. question is .. if i am creating any policy .. or blocking or allowing an IP, do you guys think it is realistic to start/ restart the server. in production this is not possible .. and i know i am not discussing something which has not been discussed.. but i want to know if there a better way… as no one would like to loose their downloads or any other important transactions.

    or we have a better opensource proxy then PFsence. i want to control my internet usage .. and i am fed up with ISA. plz guide.


  • Banned

    There is no such need in the first place.


  • Rebel Alliance Global Moderator

    you do not need to restart pfsense for such things..  Only thing that requires a restart is the update of the pfsense firmware from say 2.2.x to 2.2.y

    packages don't even require reboot.. The only thing that should ever require a reboot is update of pfsense itself.  I make firewall changes all the time, even new interfaces and vlans never requires a reboot.

    Now if your creating a rule to block, and there as a state already you would have to kill those old states.. Which can be done on per state - just look in the state table for the specific states and kill them.



  • thanks mate..
    i was watching a video on you tube and the person did some policies for FB and it didnt worked so he restarted the server itself and it started working. so i just wanted to confirm how pfsense detects new policies and applies it.



  • Resetting the states in the state table gives you added piece of mind new rules are in effect.



  • Unfortunately, resetting the states is the same thing as rebooting from a user point of view.  Their active sessions will be reset.


  • Rebel Alliance Global Moderator

    not if they only reset the connections that would be effected by new rules.



  • …or if the users happened to all be taking a bath...