Why we need a server restart with any change

  • friends i am very new to this.. yesterday only started my day with PFsense.. question is .. if i am creating any policy .. or blocking or allowing an IP, do you guys think it is realistic to start/ restart the server. in production this is not possible .. and i know i am not discussing something which has not been discussed.. but i want to know if there a better way… as no one would like to loose their downloads or any other important transactions.

    or we have a better opensource proxy then PFsence. i want to control my internet usage .. and i am fed up with ISA. plz guide.

  • Banned

    There is no such need in the first place.

  • LAYER 8 Global Moderator

    you do not need to restart pfsense for such things..  Only thing that requires a restart is the update of the pfsense firmware from say 2.2.x to 2.2.y

    packages don't even require reboot.. The only thing that should ever require a reboot is update of pfsense itself.  I make firewall changes all the time, even new interfaces and vlans never requires a reboot.

    Now if your creating a rule to block, and there as a state already you would have to kill those old states.. Which can be done on per state - just look in the state table for the specific states and kill them.

  • thanks mate..
    i was watching a video on you tube and the person did some policies for FB and it didnt worked so he restarted the server itself and it started working. so i just wanted to confirm how pfsense detects new policies and applies it.

  • Resetting the states in the state table gives you added piece of mind new rules are in effect.

  • Unfortunately, resetting the states is the same thing as rebooting from a user point of view.  Their active sessions will be reset.

  • LAYER 8 Global Moderator

    not if they only reset the connections that would be effected by new rules.

  • …or if the users happened to all be taking a bath...

Log in to reply