FW rules behavior

Started by michaelgo, November 26, 2021, 03:22:05 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 26, 2021, 03:22:05 PM
Hi,
WAN to LAN icmp rules test shows strange behavior -
when it's off (no ping allowed) the FW blocks, seen in the live view, then i enable the rule and when applied, the ping starts immediately.
However, if i start ping WAN to LAN and disable the rule (and apply) the ping continues, and only if i stop and start ping it's blocked.
did i miss something in the settings?
The rules are applied per interface.

floating rule icmp in/out behaves the same way.

Is this by design?
thanks
November 26, 2021, 04:12:11 PM #1
hi
didn't quite understand the description. but states are also created by pf for the ICMP. when pf reloads on Apply the state is not cleared. so a icmp.first timeout is required.
Print
Go Up Pages1
User actions