Bug #6028

closed

no firewall rules loaded after reboot with invalid ruleset

Added by Pi Ba about 8 years ago. Updated about 3 years ago.

Status: Resolved
Priority: High
Category: Rules / NAT
Target version:
Start date: 03/25/2016
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version: All
Affected Architecture:

Description

Not a single firewall rule loaded after reboot.

There should be some failsafe default ruleset that prohibits access from at least all 'wan interfaces' until a proper ruleset can be loaded.

Granted, this is caused by another issue, https://redmine.pfsense.org/issues/6024, where an invalid rule gets written to the debug.rules.
There have been other cases that made rules.debug fail to load, like having shapers with wrong bandwidth or url-aliases that point to a somehow invalidly formatted file. So I think it would be better to provide a minimal 'bootup ruleset' that blocks all wan access instead of being 'wide open' until at least some proper rules could be applied.
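
One way to get the fail-closed behaviour the report asks for, as an added example that is not part of the original report and not pfSense's own code: validate the generated ruleset with `pfctl -n -f`, and if it is missing or does not parse, load a minimal ruleset that drops inbound traffic on every WAN interface. The variable names, the failsafe file path and the interface name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not pfSense code): fail-closed loading of a pf ruleset.
# PFCTL, RULES, FAILSAFE and WAN_IFS are hypothetical names for this example.
# pfctl -n -f FILE parses FILE without loading it; pfctl -f FILE loads it.
PFCTL="${PFCTL:-pfctl}"
RULES="${RULES:-/tmp/rules.debug}"
FAILSAFE="${FAILSAFE:-/tmp/rules.failsafe}"   # assumed path
WAN_IFS="${WAN_IFS:-em0}"                     # constructed sample interface

# Write a minimal ruleset that drops all inbound traffic on each WAN interface.
write_failsafe() {
    : > "$FAILSAFE" || return 1
    for ifn in $WAN_IFS; do
        printf 'block drop in quick on %s all\n' "$ifn" >> "$FAILSAFE"
    done
}

# Prints which ruleset ended up active: "full", "failsafe" or "none".
# Exit status: 0 = full ruleset, 1 = failsafe loaded, 2 = nothing loaded.
load_rules() {
    # Dry-run parse first; only a file that validates is loaded.
    if [ -s "$RULES" ] && "$PFCTL" -n -f "$RULES" >/dev/null 2>&1 &&
       "$PFCTL" -f "$RULES" >/dev/null 2>&1; then
        echo full
        return 0
    fi
    # Generated rules are missing or invalid: block WAN instead of staying open.
    if write_failsafe && "$PFCTL" -f "$FAILSAFE" >/dev/null 2>&1; then
        echo failsafe
        return 1
    fi
    echo none
    return 2
}
```

Calling `load_rules` from the boot sequence and alerting on any result other than `full` makes a broken ruleset visible instead of silent.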
