Dear forum members, I have a TV box for which some content is blocked by the OPNsense firewall. Can we disable the firewall for a certain IP? If yes, how do we do it?
Can we whitelist the server IP?
What is the nature of the block, and how do you notice it? By default, all traffic is allowed outbound.
I notice the TV box cannot connect to its server when launching the app. It says network connection failed.
You need to work out the requirements for the box. Google its name and 'router' or 'firewall'. A common feature is UPnP which you can add with System: Firmware: os-upnp.
For advanced troubleshooting, run a packet capture on OPNsense and filter it on the IP address of your TV box. Interfaces: Diagnostics: Packet Capture. Wireshark is your friend: https://www.wireshark.org/
Bart...
Is there a DNS filter active? Some filter lists will block Smart TV requests...
Both of your suggestions make sense. Let me dig into it and let you know in the coming days.
Quote from: tiermutter on November 27, 2023, 09:12:22 AM
Is there a DNS filter active? Some filter lists will block Smart TV requests...
How do I check whether the DNS filter is active?
Could be different ways to have DNS blocking...
- FW block / reject rules
- Filter in used DNS service (unbound, AGH, ...)
...
Normally you should know if (and where) such lists are applied ;)
The live firewall diagnostics page should also tell you what ports are being blocked. It sounds like you're using something other than the default LAN interface for this tv box so it will only have access to what you give it.
Quote from: CJ on November 27, 2023, 04:28:24 PM
The live firewall diagnostics page should also tell you what ports are being blocked. It sounds like you're using something other than the default LAN interface for this tv box so it will only have access to what you give it.
I'm using the default LAN port. I suspect my ISP blocks it, since I tried the firewall diagnostics but didn't find anything that blocks it.
Quote from: nicholaswkc on November 27, 2023, 11:02:11 AM
Quote from: tiermutter on November 27, 2023, 09:12:22 AM
Is there a DNS filter active? Some filter lists will block Smart TV requests...
How do I check whether the DNS filter is active?
My Unbound doesn't have a block list.
Quote from: nicholaswkc on November 28, 2023, 03:03:49 AM
I'm using the default LAN port. I suspect my ISP blocks it, since I tried the firewall diagnostics but didn't find anything that blocks it.
It is indeed possible that your ISP's DNS server is blocking your destination.
Do you know the URL of the content that is being blocked? If yes, then do the following steps:
(1) In a browser, go to https://mxtoolbox.com/DNSLookup.aspx, put the URL's domain name into the search box and hit the "DNS Lookup" button. It should return at least 1 IP address.
then
(2) Browse to your OPNsense GUI, go to Interfaces->Diagnostics->DNS Lookup and insert the domain name into the "Hostname or IP" field - leave the "Server" field empty. Hit the "Apply" button and compare the result with the result from step (1).
If you are using the ISP's DNS server and that server is blocking the URL, then step (2) will not return any IP address.
Hope that helps.
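The comparison in steps (1) and (2) above can also be scripted; the following is an added example, not part of the original post. It sends the same A query to a reference resolver and to the resolver the TV box uses, and it also flags sinkhole answers such as 0.0.0.0, which goes beyond the empty-result case the post describes. The resolver addresses passed to `lookup` are assumptions you supply.

```python
import secrets, socket, struct

SINKHOLES = {"0.0.0.0", "127.0.0.1"}  # assumption: addresses a filtering resolver may answer with

def build_query(name, qtype=1):
    """Encode a recursive DNS query for `name` (type A by default)."""
    header = struct.pack(">HHHHHH", secrets.randbits(16), 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack(">HH", qtype, 1)

def _skip_name(msg, off):
    """Return the offset just past an encoded (possibly compressed) name."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += msg[off] + 1
    return off + (2 if msg[off] else 1)

def parse_a_records(msg):
    """Return (rcode, sorted IPv4 strings) from a raw DNS response."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    ips = []
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:           # A record; CNAMEs are skipped
            ips.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return flags & 0xF, sorted(ips)

def lookup(name, server, timeout=3.0):
    """Ask `server` (an IPv4 address you supply) for the A records of `name`."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return parse_a_records(s.recvfrom(4096)[0])

def verdict(reference, local):
    """Compare (rcode, ips) from the reference resolver with the local one."""
    (_, ref_ips), (loc_rc, loc_ips) = reference, local
    if not ref_ips:
        return "inconclusive: reference resolver has no A record either"
    if loc_rc == 3 or not loc_ips:              # rcode 3 is NXDOMAIN
        return "blocked: local resolver returns no address"
    if set(loc_ips) <= SINKHOLES:
        return "blocked: local resolver returns a sinkhole address"
    return "resolves: differing addresses can be CDN variation, not blocking"
```

Call `verdict(lookup(name, reference_ip), lookup(name, local_ip))` with the domain the app contacts, where `local_ip` is the resolver the TV box is actually handed.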
Can you post the make and model of the device along with what exactly is being blocked? A network diagram and your fw rules would be helpful as well.
Quote from: CJ on November 28, 2023, 04:11:02 PM
Can you post the make and model of the device along with what exactly is being blocked? A network diagram and your fw rules would be helpful as well.
The device is a TV box, an SVI Cloud 3s. It's an HK-based TV box. My network diagram is Modem -> OPNsense Router -> Switches/Access Point -> PC/TV Box
My firewall rules are Block Inbound All and the default firewall rules. That's all. Nothing complicated.
I tried to diagnose by looking at Firewall - Diagnostics - States. I found nothing that blocks it. I have moved the TV box to a different interface just to simplify the searching.
I tried disabling Suricata, but that didn't help either. I found out that a lot of malware alerts are being triggered.