Option to disable NAT rule creation
I'd like to have an option to disable the automatic NAT rule creation of DNSBL.
First I'd like to have full manual control about the firewall rules
Second this can cause problems with https connection if I don't add the pfsense certificate to every client. In addition this can cause problems with Webservice class (rest, soaps). If the request is falsely redirect the application may respond unexpected and without an propper error message.
Third: The NAT rule is not mandatory for the functionality. Blocking works without the virtual IP Webservice and the functionality can be archived without a NAT rule as well.
Updated by Frank Gouton almost 2 years ago
I don't want to use the VIP Webservice in general, but the NAT rules are the biggest problem. I can't delete them and they have the "pass" option so they will override all firewall rules.