Project

General

Profile

Actions
Copy link

Feature #11749

open

Option to disable NAT rule creation

Added by Frank Gouton over 3 years ago. Updated over 3 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
03/29/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

I'd like to have an option to disable the automatic NAT rule creation of DNSBL.

First I'd like to have full manual control about the firewall rules

Second this can cause problems with https connection if I don't add the pfsense certificate to every client. In addition this can cause problems with Webservice class (rest, soaps). If the request is falsely redirect the application may respond unexpected and without an propper error message.

Third: The NAT rule is not mandatory for the functionality. Blocking works without the virtual IP Webservice and the functionality can be archived without a NAT rule as well.

Actions
Copy link
 #1

Updated by Frank Gouton over 3 years ago

I don't want to use the VIP Webservice in general, but the NAT rules are the biggest problem. I can't delete them and they have the "pass" option so they will override all firewall rules.

Actions
Copy link

Also available in: Atom PDF