Can someone explain this to me? I did a brief search but couldn't find much.
I'm Cisco trained, have used pfSense for about a year and am on OPNSense, but do not understand why I need to use /32 instead of conventional notation.
I don't see this documented anywhere but have seen it in postings which lead me to use the /32 format for rules, vlans, etc with success.
This is standard CIDR notation of the subnet mask if I understand your question correctly. It is the count of bits which are set (network part). /32 for IPv4 means you have an address identifying a single host.
Right, but /24 is the actual network which OPNSense then blocks or passes the entire subnet. This CIDR notation works correctly on other systems, for example, /12, /26, but you have to use a "network of one" /32 on OPNSense when setting a rule for a single host. If I have a host with an IP of 192.168.1.5/24 I have to set that up as 192.168.1.5/32 for the rules to work correctly.
I've not seen that elsewhere, you would simply use 192.168.1.5/24.
192.168.1.5/24 is providing 2 information, the IP of the host and the netmask (from which of course you can calculate the network IP)
192.168.1.5 is just equivalent of 192.168.1.5/32, a single IP
the netmask is there so you can also specify the entire subnet, 192.168.1.0/24
you cannot specify 192.168.1.5/24 because it will not understand if you want the entire subnet or the single IP
Ok, thanks, that's what I was asking. I completely understand that explanation. Kind of curious they do it that way relative to how most others do it but it works and that's what counts. Thanks!