I have a qube that I use for checking email with a client. I have the firewall rules for that qube set to only allow connections to the mail servers I interact with, and only on the ports relevant for mail.
I’m noticing that the rules get lost. For example, quite often when I hit send on an email, I get a “no route to host” error that is solved by going into the firewall settings and clicking Apply. I find myself doing this enough times in the day that I generally just leave the window open.
Is this an intended behavior? Is there something I can do to make the firewall rules for this qube more sticky?
Note that if you specify a rule by DNS name it will be resolved to IP(s) at the moment of applying the rules, and not on the fly for each new connection. This means it will not work for servers using load balancing, and traffic to complex web sites which draw from many servers will be difficult to control.
Thanks @szz9pza, it does indeed seem like the issue I’m hitting is the one mentioned in the Note you posted regarding DNS and load balancing. I think that makes this expected behavior, even if not necessarily intended.
I will have to read the thread you reference when I have a bit more time to think about this.
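The behavior in the quoted Note can be modelled offline. This is an added example, not code from the thread or from Qubes OS: it pins each hostname to the IPs seen at "Apply" time, then reports addresses the name resolves to later that the pinned rule would not allow. The hostname, port and IPs are constructed, and all function names are hypothetical.

```python
import ipaddress
import socket


def resolve(host, port):
    """Live lookup: the set of IPs the name resolves to right now."""
    infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    return {ipaddress.ip_address(info[4][0]) for info in infos}


def snapshot_rules(hosts, resolver=resolve):
    """Model of clicking Apply: each (host, port) is resolved once and pinned."""
    return {(h, p): frozenset(resolver(h, p)) for h, p in hosts}


def stale_destinations(pinned, resolver=resolve):
    """Map each rule to the IPs its name resolves to now that the rule lacks."""
    stale = {}
    for (host, port), allowed in pinned.items():
        missing = resolver(host, port) - allowed
        if missing:
            # A connection to any of these would be dropped by the pinned rule.
            stale[(host, port)] = sorted(missing, key=str)
    return stale


def rotating_resolver(answers):
    """Constructed stand-in for a load-balanced name: one answer set per call."""
    it = iter(answers)

    def _resolve(host, port):
        return {ipaddress.ip_address(a) for a in next(it)}

    return _resolve


def demo():
    # Constructed DNS answers (documentation address ranges).
    dns = rotating_resolver([
        ["192.0.2.10", "192.0.2.11"],    # answer at Apply time
        ["192.0.2.11", "192.0.2.10"],    # later: same pool, rule still valid
        ["192.0.2.11", "198.51.100.7"],  # later: pool rotated, rule is stale
    ])
    pinned = snapshot_rules([("smtp.example.test", 587)], dns)
    return stale_destinations(pinned, dns), stale_destinations(pinned, dns)


if __name__ == "__main__":
    print(demo())
```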