OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: Bytechanger on May 28, 2019, 04:55:49 PM

Title: Firewall rule before Port-Forward not working?
Post by: Bytechanger on May 28, 2019, 04:55:49 PM
Hi,

I want to block all Internet traffic which isn't from Let's Encrypt Server to Port 80 and 443.
But my block rule seems to be ignored...

My ruleset:

[...]
                 Source                            Destination
IPv4 TCP    ! Lets_Encrypt     *    WAN address    80 (HTTP)    *    *    

(now automatic Rule from Port Forward)
IPv4 TCP    *    *    172.30.90.81    80 (HTTP)    *    *    
IPv4 TCP    *    *    172.30.90.81    443 (HTTPS)    *    *    

Is it wrong? I think firewall rulesets are first-match. So if traffic to Port 80 arrives which is not from Let's Encrypt, it will be blocked...


Greets

Byte