On 12/5/2017 5:34 AM, Shamim Shahriar wrote: > Now, if I select multiple interfaces, since there is no reply-to on the > rule, I am unable to communicate with the pfsense box from outside. Which > makes me wonder, am I misunderstanding the purpose/functionality of > floating rules entirely? I know one good thing about them is to be able to > add "quick" so the rules are checked before other interface bound ones, but > is this also not a feature (i.e., put same rule for multiple interfaces in > one go)?
What you are seeing is expected behavior. If you have multiple interfaces selected, it cannot possibly use reply-to because it can't specify reply-to on rules for multiple interfaces. Interface groups have the same limitation. If you need reply-to, the rules must only apply to a single interface. For that reason, multiple interface rules (groups or floating) are primarily useful only for internal interfaces. Jim P. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
