Bug #7729
closed
pfBlockerNG orders NAT linked rules to the bottom of firewall rules
Description
When I use pfBlockerNG and the rules are ordered like this https://snag.gy/yFQa5b.jpg, after a rules update my NAT linked non-pfBlockerNG rules get pushed to the bottom https://snag.gy/VrUCN4.jpg; see "NAT yw__Temp VNC 2" and a hack-rule I had to use as a workaround, "yw__NAT Plex 2 copy, need it b/c rules order".
Updated by BBcan177 almost 8 years ago
Can you edit /usr/local/pkg/pfblockerng/pfblockerng.inc
and replace the line (-) with the new line (+):
Line 4715:
- } elseif ($rule['type'] == 'pass') { + } elseif ($rule['type'] == 'pass' || isset($rule['associated-rule-id'])) {
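Review bot: in the added condition, `isset($rule['associated-rule-id'])` sends every rule that carries that key into the same ordering branch as `'pass'` rules, whatever its `type` is, and `isset()` is also true when the key holds an empty string. If only rules that are actually linked to a NAT entry should be kept in place, `!empty($rule['associated-rule-id'])` is the tighter test. A one-line comment above the `elseif` saying that NAT-linked rules are ordered together with pass rules would also help, since the condition no longer reads as a pure type check.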
And report back if this patch solves your issue?
Updated by Yuri Weinstein almost 8 years ago
@BBcan177
Thx for the clue.
What's the proper way to modify /usr/local/pkg/pfblockerng/pfblockerng.inc ?
I made changes as root and was getting some errors on reload. Do I need to reboot after modification?
Also it feels like this should be default behavior, unless there is a reason for not doing so.
Updated by Yuri Weinstein almost 8 years ago
@BBcan177
Looks like it worked!
Pls make it default.
Updated by BBcan177 almost 8 years ago
Fixed in PR#390:
https://github.com/pfsense/FreeBSD-ports/pull/390/files
Updated by Jim Pingle almost 6 years ago
- Project changed from pfSense to pfSense Packages
- Category changed from 119 to pfBlockerNG