Hi,
In pfsense 24.03 the State Policy is defaulted to Interface-bound states for extra security. My question is will floating state rules that are generated by pfblocker, or Traffic shaping (setting up Bufferbloat) rules still work?
If so, how?
If not how would we setup pfblocker or settings to prevent Bufferbloat?
Thank you
Yes, they should still work.
So why would someone choose to make the State Policy floating rules instead of interface-bound?
It has better security. You can switch back the old way of you want. You aren’t locked in to this. You can either change it in a per rule bases or globally.
Yes that makes sense. I have noticed that for pfblockerng DNSBL it works better when not using floating rules vs using floating rules. But I’m still trying to test this out more.