Print Page - [SOLVED] Bug or feature: selection all / no interfaces in a floating rules

Title: [SOLVED] Bug or feature: selection all / no interfaces in a floating rules
Post by: imagmbh on April 16, 2021, 05:20:04 PM

Hello,

we found an irritating beaviour: Creating a floating rule and selecting the the correct interface (WAN) or all interfaces for the the rule (e.g. IN-Rule for Port 443 for configuration) results in a non-accessibility of the configuration page. Explicit selecting none interfaces ("Select Interfaces ...") results in the desired behavior, the configuration page ist accessible from the WAN-side.

We find this behavior illogical, is it a bug or a feature?

Martin

Title: Re: Bug or feature: selection all / no interfaces in a floating rules
Post by: Fright on April 16, 2021, 06:23:14 PM

Quotethe configuration page ist accessible from the WAN-side

wow

Quoteresults in a non-accessibility of the configuration page

testing from host in wan subnet or behind gateway?

Title: Re: Bug or feature: selection all / no interfaces in a floating rules
Post by: imagmbh on April 19, 2021, 04:06:49 PM

It was tested from a host in the WAN-Subnet.

Title: Re: Bug or feature: selection all / no interfaces in a floating rules
Post by: Fright on April 19, 2021, 04:10:49 PM

in this case it is a feature )
look for reply-to directive in this rule (Firewall: Diagnostics: pfInfo: Rules). response packets are sent to the router mac.

Title: Re: Bug or feature: selection all / no interfaces in a floating rules
Post by: imagmbh on April 20, 2021, 05:13:00 PM

Thanks for your answer and your hint!

OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: imagmbh on April 16, 2021, 05:20:04 PM