OPNsense Forum

Archive => 23.1 Legacy Series => Topic started by: Kornelius777 on April 17, 2023, 05:21:29 PM

Title: Firewall Rules - Scratching my head...
Post by: Kornelius777 on April 17, 2023, 05:21:29 PM
Dear all,

the last few lines in my firewall rules look like this:
https://pasteboard.co/a28FaMlCVZ7I.png

However...
While accessing a website connected via a gateway, I keep getting this stuff:
https://pasteboard.co/r9ABXkZaw4t9.png

I was under the assumption that this last firewall rule should never be reached - I only inserted it for debugging purposes. How can I find out why the "grant all" rule is skipped?

Kind regards,
Title: Re: Firewall Rules - Scratching my head...
Post by: Seimus on April 17, 2023, 06:31:24 PM
Can you show what subnet is configured under the LAN net?

Also did you try to clear the whole state table after you finished your rule set?
Title: Re: Firewall Rules - Scratching my head...
Post by: Kornelius777 on April 17, 2023, 07:07:22 PM
LAN net is 192.168.150.0/24

Yes, State Table has been reset
Title: Re: Firewall Rules - Scratching my head...
Post by: tekgeek on April 17, 2023, 10:10:53 PM
This thread might help.
https://forum.opnsense.org/index.php?topic=20219.0#msg93687

I kept getting these on a router reboot. Or when I moved from one VLAN to another. I'm pretty sure they are just old connections that are open on the server side but closed/aborted on the client side. Or something like that. Fright did a better job explaining things in the linked thread.
Title: Re: Firewall Rules - Scratching my head...
Post by: Waschl on April 21, 2023, 03:44:16 PM
Hi. Have you checked Quick (see attached image) on the rules?