Is there a length limit for alias names? If it's an invalid alias I would think one of the logs should show something when the firewall rules are applied...I recall seeing errors in there before...
-- Steve Yates ITS, Inc. -----Original Message----- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Martin Fuchs Sent: Wednesday, May 18, 2016 4:22 AM To: 'pfSense Support and Discussion Mailing List' <list@lists.pfsense.org> Subject: Re: [pfSense] firewall rules with fqdn-alias Hi ! Sounds reasonable, but there's no dot at the end ... Regards, martin -----Ursprüngliche Nachricht----- Von: List [mailto:list-boun...@lists.pfsense.org] Im Auftrag von WolfSec-Support Gesendet: Mittwoch, 18. Mai 2016 09:26 An: pfSense Support and Discussion Mailing List <list@lists.pfsense.org> Betreff: Re: [pfSense] firewall rules with fqdn-alias Hi Martin Do you have a dot at the end of the fqdn like in bind configs ? Pfsense doesnt like a dot at the end. With e.g. host.domain.tld It works fine With host.domain.tld. It works not So if you use a dot at the end please remove it Br Stephan Am 18.05.2016 00:12 schrieb "Martin Fuchs" <mar...@fuchs-kiel.de>: > Hi, Steve ! > No dots in the alias, yurt in the fqdn-address, the lookup works fine, > so the resolved fqdn are visible in the tables, but it seems as if the > rule is not applied. > But there is no error... > Any diagnostic hints ? > Regards, > Martin > > > Are you using dots in your FQDNs? Those aren't valid alias names... > > 'The > name of the alias may only > > consist of the characters "a-z, A-Z, 0-9 and _".' > > > > -- > > > > Steve Yates > > ITS, Inc. > > > > -----Original Message----- > > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of > > Martin > Fuchs > > Sent: Tuesday, May 17, 2016 9:26 AM > > To: list@lists.pfsense.org > > Subject: [pfSense] firewall rules with fqdn-alias > > > > Hi ! > > > > We're using pfSense 2.3_1 here in a CARP-cluster. > > > > We are using rules with fqdn-aliases and those rules do not work. > > > > When i look under diagnostics -> tables i see the tables filled with > > the > correct IPs. > > > > When I change the rule not to use the alias, but the IP instead, the > rules works immediately. > > > > It's really weired. > > > > Does anyone have some idea for me ? > > > > Regards, > > > > martin ! > > > > _______________________________________________ > > pfSense mailing list > > https://lists.pfsense.org/mailman/listinfo/list > > Support the project with Gold! https://pfsense.org/gold > > _______________________________________________ > > pfSense mailing list > > https://lists.pfsense.org/mailman/listinfo/list > > Support the project with Gold! https://pfsense.org/gold > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold