Text only | Text with Images

OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: EFaden on April 09, 2021, 10:51:09 PM

Title: Firewall Alias "External (Advanced)"?
Post by: EFaden on April 09, 2021, 10:51:09 PM
Anyone know what they are?  They seem to be internal aliases, but I can delete them?

Thoughts?
Title: Re: Firewall Alias "External (Advanced)"?
Post by: tiermutter on April 09, 2021, 11:53:05 PM
This are default tables used by some options. Check this:
http://ports.su/security/sshlockout
https://ipinfo.io/bogon

Virusprot is a dynamic table, as far as I know, source adresses will be added when a connection limit (FW rule options) is reached,
which indicates malicious traffic.
https://docs.opnsense.org/manual/firewall.html (Connection Limits)
Title: Re: Firewall Alias "External (Advanced)"?
Post by: Greelan on April 09, 2021, 11:53:13 PM
Well, if you don't want the functionality that they facilitate - such as blocking bogon networks on interfaces, or locking out IPs that have too many failed SSH login attempts, or applying rate-limiting tunables for connections, source addresses etc - then sure. But I'd suggest they are created by default for a reason [emoji3]
Text only | Text with Images