Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Does port forwarding in opnsense bypass the firewall rules?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Does port forwarding in opnsense bypass the firewall rules? (Read 2826 times)
mike366
Newbie
Posts: 2
Karma: 0
Does port forwarding in opnsense bypass the firewall rules?
«
on:
March 19, 2017, 05:25:36 pm »
If I have an email server sitting behind an opnsense router, and the opnsense firewall blocks certain countries from access, if I port forward to the email server, are the blocked county ip rules enforced first, so that 'bad' traffic does not make it to the email server?
Thank you.
Logged
Arakangel Michael
Newbie
Posts: 25
Karma: 1
A Noise Like That of A Multitude
Re: Does port forwarding in opnsense bypass the firewall rules?
«
Reply #1 on:
March 20, 2017, 05:51:57 am »
Services > Intrusion Detection > 'User Defined' (Tab) >
GeoIP/Country
×United States (not)
GeoIP/Direction
Source
Action
Drop
This will drop all traffic from every country other than the U.S. There is still plenty of 'bad' traffic here though, and people elsewhere can also use Tor, a VPN, or a 'zombie' (compromised) host.
Logged
mike366
Newbie
Posts: 2
Karma: 0
Re: Does port forwarding in opnsense bypass the firewall rules?
«
Reply #2 on:
March 20, 2017, 09:19:49 pm »
Sure, thanks for the info. At least it sounds like all packets not originating in US will be dropped before the port forward to the email server happens. I appreciate the pointer on setup.
Logged
Arakangel Michael
Newbie
Posts: 25
Karma: 1
A Noise Like That of A Multitude
Re: Does port forwarding in opnsense bypass the firewall rules?
«
Reply #3 on:
May 10, 2017, 07:26:25 pm »
Just to clarify, yes the traffic will be dropped.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Does port forwarding in opnsense bypass the firewall rules?
