Blocking malicious IPs with OPNsense and blacklists

hushcoden:
Sorry, me again, I'm trying to understand how those floating rules work and I'm still confused, i.e. from what I understood from the article and your response, that floating rule blocks any attempt from a LAN client to connect to any of the malicious IPs, am I right?

If so, why do we need the direction set to 'any' and not just 'in'?

What if I also want to block any attempt from any of those malicious IPs (defined in the alias) to connect to a LAN client?
From your response I take it we need to add another rule?

Tia.

binaryanomaly:
Hi,

The rule blocks any connections where the destination is one of the IPs in the blacklist.

You would need another rule to block any connections where the source is one of the IPs in the blacklist.
But most setups do not allow incoming traffic from the WAN interface anyway so this is kinda obsolete.

You're right, the any for the direction may not even be required but I just didn't bother since any works just fine as well.

-b
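
A simplified model of the rule matching discussed in this thread, added here as an example; it is not part of either post and not OPNsense code. It shows that a destination-based block catches LAN-to-blacklist connections with direction 'in' as well as 'any', and that traffic sourced from the blacklist needs its own rule. All names are hypothetical and the addresses are constructed from documentation ranges.

```python
from ipaddress import ip_address, ip_network

# Constructed sample alias: documentation ranges stand in for a real blacklist.
BLACKLIST = [ip_network("203.0.113.0/24"), ip_network("198.51.100.7/32")]

def in_alias(ip, alias):
    return any(ip_address(ip) in net for net in alias)

def rule(direction, src=None, dst=None):
    """A simplified 'block quick' floating rule; None means 'any'."""
    return {"direction": direction, "src": src, "dst": dst}

def matches(r, direction, src, dst):
    return (r["direction"] in ("any", direction)
            and (r["src"] is None or in_alias(src, r["src"]))
            and (r["dst"] is None or in_alias(dst, r["dst"])))

def verdict(rules, src, dst):
    """Assumption of this model: a new connection crossing the firewall is
    checked inbound on the ingress interface, then outbound on the egress one."""
    for direction in ("in", "out"):
        if any(matches(r, direction, src, dst) for r in rules):
            return "block"
    return "pass"  # assumes some other rule would allow this traffic

# The rule from the thread (destination = blacklist), with both direction settings,
# and the same rule plus a second one matching the blacklist as source.
DST_ANY = [rule("any", dst=BLACKLIST)]
DST_IN = [rule("in", dst=BLACKLIST)]
BOTH = DST_IN + [rule("in", src=BLACKLIST)]

FLOWS = {
    "LAN -> blacklisted": ("192.168.1.20", "203.0.113.9"),
    "blacklisted -> LAN": ("203.0.113.9", "192.168.1.20"),
    "LAN -> other": ("192.168.1.20", "192.0.2.10"),
}

if __name__ == "__main__":
    for name, (src, dst) in FLOWS.items():
        print(f"{name:20} dst/any={verdict(DST_ANY, src, dst):5} "
              f"dst/in={verdict(DST_IN, src, dst):5} both={verdict(BOTH, src, dst)}")
```
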
