Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Feature Request: Rules Groups
« previous
next »
Print
Pages: [
1
]
Author
Topic: Feature Request: Rules Groups (Read 630 times)
mestafin
Newbie
Posts: 32
Karma: 2
Feature Request: Rules Groups
«
on:
January 25, 2018, 12:22:23 pm »
Hi,
A feature request to make it easier to deploy OPNsense in enterprise setups.
On the Cisco ASA series you can define Services Groups, which can the be applied to individual hosts or networks.
Is it possible to consider something similar?
For example, you define a Service Group called "Mail Services" and for this group, you then define all the services (ports) that you want to allow through:
HTTPS
POP3
IMAP
SMTP
SUBMISSION
You then apply this to individual hosts or networks etc.
The current Interface Groups is not really that helpful for this, as it is only applicable to interfaces or virtual vlan interfaces
«
Last Edit: January 25, 2018, 12:24:48 pm by mestafin
»
Logged
franco
Administrator
Hero Member
Posts: 8295
Karma: 553
Re: Feature Request: Rules Groups
«
Reply #1 on:
January 25, 2018, 12:45:33 pm »
Hi there,
There is an alias option for ports.
Cheers,
Franco
Logged
you
Newbie
Posts: 33
Karma: 2
Re: Feature Request: Rules Groups
«
Reply #2 on:
January 25, 2018, 01:42:05 pm »
There is no option to build combined aliases for "hostip:port" ... correct? It would be great to have this option as well
Cheers
Logged
franco
Administrator
Hero Member
Posts: 8295
Karma: 553
Re: Feature Request: Rules Groups
«
Reply #3 on:
January 25, 2018, 03:42:55 pm »
That's impossible to express in pf.conf syntax:
https://www.freebsd.org/cgi/man.cgi?query=pf.conf&sektion=5
Cheers,
Franco
Logged
you
Newbie
Posts: 33
Karma: 2
Re: Feature Request: Rules Groups
«
Reply #4 on:
January 25, 2018, 04:43:56 pm »
I see. Thanks for your clarification
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Feature Request: Rules Groups
