Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 13 replies
  • Answers 1 answer
  • Subscribers 43 subscribers
  • Views 5484 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Rule change not applied unless restart.

midnightSun

I'm having to restart this system to get Firewall / NAT rules enforced when changes are applied. This seems to happen with quite a few people in the community. 

I've found sometimes disabling the firewall rule that feeds a NAT rule loads the additions but it doesn't always work and leads me to think my rules aren't correct when they are.

What is the best way to ensure SFOS 20 GA loads its rules upon changes? Any console commands? Restarting this system over and over is silly. 



This thread was automatically locked due to age.
  • 0 in reply to rfcat_vk

    Meaning its so far removed from Astaro? In any event LuCar Toni you have a great grasp on SFOS so again I thank you sir. 

    echo "           __     __         __         __     __    _______               ";
echo ".--------.|__|.--|  |.-----.|__|.-----.|  |--.|  |_ |     __|.--.--..-----.";
echo "|        ||  ||  _  ||     ||  ||  _  ||     ||   _||__     ||  |  ||     |";
echo "|__|__|__||__||_____||__|__||__||___  ||__|__||____||_______||_____||__|__|";
echo "                                |_____|                                    ";

    ~~~ I miss Port 17. Remember using telnet to get the Quote of the Day? Maybe I'll set one up for all the port scanners.  ~~~ 

  • 0 in reply to midnightSun
    midnightSun said:
    Meaning its so far removed from Astaro?

    Sophos UTM was a lot like Astaro. Once Sophos moved from UTM to SG it became quite a different product.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to midnightSun

    Not always the case. From the PFSense manual on troubleshooting:

    New Rules Are Not Applied

    If a new rule does not appear to apply, there are a couple possible explanations.

    First, If the rule is a block rule and there is a state table entry, the open connection will not be cut off. SeeCheck the Status Table.

    ...

Unfiltered HTML