Project

General

Profile

Actions

Feature #11749

open

Option to disable NAT rule creation

Added by Frank Gouton almost 3 years ago. Updated almost 3 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
03/29/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

I'd like to have an option to disable the automatic NAT rule creation of DNSBL.

First I'd like to have full manual control about the firewall rules

Second this can cause problems with https connection if I don't add the pfsense certificate to every client. In addition this can cause problems with Webservice class (rest, soaps). If the request is falsely redirect the application may respond unexpected and without an propper error message.

Third: The NAT rule is not mandatory for the functionality. Blocking works without the virtual IP Webservice and the functionality can be archived without a NAT rule as well.

Actions #1

Updated by Frank Gouton almost 3 years ago

I don't want to use the VIP Webservice in general, but the NAT rules are the biggest problem. I can't delete them and they have the "pass" option so they will override all firewall rules.

Actions

Also available in: Atom PDF