OPNsense Forum

Archive => 22.7 Legacy Series => Topic started by: charris on December 27, 2022, 08:05:54 PM

Title: [SOLVED] API firewall filter rule not blocking
Post by: charris on December 27, 2022, 08:05:54 PM
Starlink now has data caps. I need to keep my Xboxes from downloading games and updates during peak hours and eating up all my data.

I have configured a scheduled firewall rule to do this, but I need to make it easier for my family to disable the rule when they want to play a game.

I have Home Assistant and have followed some instructions for toggling API filters with Home Assistant (Controlling OPNsense Firewall Rules from HomeAssistant: https://blog.fuzzymistborn.com/opnsense-firewall). And this is working.

The challenge that remains is my new API Filter rule seem to block the traffic as expected.

In the Filter rule, whether I set the source as 'xboxes', as an IP of an Xbox (10.0.0.60), or as the "network" of an Xbox (10.0.0.60/32), it's not blocking traffic.

Here is how the rule is configured:
Enabled: checked
Action: Block
Interface: LAN,WAN
Direction: Out
TCP/IP Version: IPv4
Protocol: any
Source: (as described above)
Destination: any
Gateway: none

What am I doing wrong?
Title: Re: API firewall filter rule not blocking
Post by: charris on December 28, 2022, 03:59:35 AM
I have resolved the issue.

I recreated the rule and accepted most of the defaults. Then tested and my Xboxes couldn't hit the internet.

Comparing the configs, the one thing that is different is I originally specified the Direction as "out", but the default was "in" and that was the fix.

The other good news is that the filter rule does like the alias I was using in the other Firewall rule!

Now, it's super easy for my wife or kids to open Home Assistant on their phone and toggle the firewall rule.

I'm really loving the upgrade from my old TP-Link router to OPNsense!
Title: Re: [SOLVED] API firewall filter rule not blocking
Post by: Patrick M. Hausen on December 28, 2022, 09:35:57 AM
In and out are not viewed as home vs. Internet but strictly from the firewall box itself. A packet from home to the Internet is coming IN on the LAN interface.
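
A small model of the direction semantics described in the last reply, added here as an illustration; it is not code from the thread or from OPNsense. It walks a packet from the Xbox (10.0.0.60) through the firewall and reports where a block rule with the thread's settings would match. The LAN subnet, the WAN address, the second alias member and the presence of outbound NAT on WAN (pf filters outbound packets after translation) are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumptions for this sketch (not from the thread): LAN subnet, WAN address,
# second alias member, and outbound NAT on WAN applied before filtering.
LAN_NET = ip_network("10.0.0.0/24")
WAN_ADDR = ip_address("203.0.113.10")               # constructed, documentation range
ALIASES = {"xboxes": ["10.0.0.60", "10.0.0.61"]}    # 10.0.0.61 is constructed


@dataclass(frozen=True)
class Rule:
    interfaces: tuple   # e.g. ("LAN", "WAN")
    direction: str      # "in" or "out", as seen from the firewall itself
    source: str         # alias name, single address, or CIDR


def crossings(src):
    """Interface crossings for a LAN host's packet headed to the Internet.

    Returns (interface, direction, source address the filter sees) per crossing.
    """
    src = ip_address(src)
    if src not in LAN_NET:
        raise ValueError("sketch only models LAN-to-Internet traffic")
    # Arrives IN on LAN with its real source; leaves OUT on WAN after NAT.
    return [("LAN", "in", src), ("WAN", "out", WAN_ADDR)]


def source_nets(source):
    """Expand an alias, address or CIDR into a list of networks."""
    return [ip_network(s) for s in ALIASES.get(source, [source])]


def blocked_at(rule, src):
    """Return the (interface, direction) where the block rule matches, or None."""
    for iface, direction, seen in crossings(src):
        if (iface in rule.interfaces and direction == rule.direction
                and any(seen in net for net in source_nets(rule.source))):
            return (iface, direction)
    return None


if __name__ == "__main__":
    for direction in ("out", "in"):
        for source in ("xboxes", "10.0.0.60", "10.0.0.60/32"):
            rule = Rule(("LAN", "WAN"), direction, source)
            print(direction, source, "->", blocked_at(rule, "10.0.0.60"))
```

With direction "out" none of the three source forms match at any crossing; with direction "in" all three match on the LAN interface, which is the behaviour reported in the thread.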