Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: daniel78 on August 25, 2020, 11:23:51 AM

Title: Command line firewall rules - easyrule in opnsense?
Post by: daniel78 on August 25, 2020, 11:23:51 AM
Hi,

is there something like https://docs.netgate.com/pfsense/en/latest/firewall/adding-rules-with-easyrule.html (https://docs.netgate.com/pfsense/en/latest/firewall/adding-rules-with-easyrule.html) to easy modify some rules on the cli in opnsense?

Lets say directly after commandline installation I want to temporarily administrate the box from WAN and therefore enable webinterface on wan?

Thanks

Title: Re: Command line firewall rules - easyrule in opnsense?
Post by: franco on August 25, 2020, 11:46:58 AM
easyrule utility was removed in 2015. I don't think anyone ever asked for it since then.

Today, you can use an API to inject firewall rules https://github.com/opnsense/plugins/issues/1720 or you can simply use a WAN-only setting for the first few minutes (anti-lockout will know what you are doing) of your setup where you manually enable port 443 access before you add your LAN and OPTs.


Cheers,
Franco
Title: Re: Command line firewall rules - easyrule in opnsense?
Post by: daniel78 on August 26, 2020, 04:23:26 PM
Thanks a lot! This helps!
Title: Re: Command line firewall rules - easyrule in opnsense?
Post by: Tol Phobos on December 02, 2020, 09:54:59 PM
I used regularly easyrule on pfSense (I protected my HTPPS interface with IP source filtering on my AS adress range ... and sometime my provider change my AS).
I miss it on OPNsense.
Title: Re: Command line firewall rules - easyrule in opnsense?
Post by: franco on December 03, 2020, 08:03:07 PM
It's perfectly possible to write a plugin emulating the functionality with all the rule handling reworks we've done over the years.


Cheers,
Franco
Text only | Text with Images