Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
pfSync and automated rulesets not applied
« previous
next »
Print
Pages: [
1
]
Author
Topic: pfSync and automated rulesets not applied (Read 3886 times)
merlin123
Newbie
Posts: 1
Karma: 0
OpnSense the very best opnsource firewall!
pfSync and automated rulesets not applied
«
on:
February 12, 2021, 11:03:22 am »
Hi,
I was working on a full automation of opnsense firewalls to publish websites trough HA Proxy, setting up VIPs and of course firewall rules.
By the way, the API makes it much easyer to work with!
I noticed, that automated rules aren't synced to the slave node, even rules are configured to sync.
A quick look into the config.xml was interesting:
Normal rules are created under the tag <filter> of course.
Automated rules get a new tag created <filter Version "1.0.0">
Also the no sync flag is not set on these rules, so basically they should be included in the sync process.
Is this a known issue, or is this even a planned functionality?
Current workaround would only be creating these rules using the API on both firewalls, which of course I don't want to, as e.g HAProxy rules get synced fine, and in some cases I am running firewalls in cold standby.
Then I would always need to wake up the second / third firewalls to sync the rules.
Thanks for your answer, any workaround, how we extend pfSync for this would be appreciated.
Best regards
Merlin123
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
pfSync and automated rulesets not applied