OPNsense Forum

Archive => 23.7 Legacy Series => Topic started by: passatiji on December 18, 2023, 09:59:40 PM

Title: [SOLVED] Blocking one IP kills entire network
Post by: passatiji on December 18, 2023, 09:59:40 PM
Hello everyone, I need help with firewall rules that should be simple but...
I am trying to block one IP (laptop) on my network from accessing the Internet, so I created two rules:
Pass this IP to LAN net
Block this IP to LAN

As soon as I apply the second rule, nobody in my network has access to the Internet; it just stops working until I restore a backup from the console.

List of rules is on the screenshot and the rule in question is circled (currently disabled).
(https://forum.opnsense.org/index.php?action=dlattach;topic=37643.0;attach=31725;image)
Title: Re: Blocking one IP kills entire network
Post by: dMopp on December 18, 2023, 10:13:32 PM
Use /32 and not /24. /24 is a whole net where /32 is a single IP (where /128 is a single IPv6).
Title: Re: Blocking one IP kills entire network
Post by: passatiji on December 18, 2023, 10:19:18 PM
Wow, I never had to pay attention to these details coming from the pfSense world.
THANK YOU!!!
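
The /24 versus /32 point from the reply above, as an added example that is not part of the original thread: a small audit of rule sources that shows what each mask actually selects and flags a host address written with a subnet mask. The addresses and the function names `audit_source` and `rule_hits` are constructed for illustration; the thread does not give the laptop's IP.

```python
import ipaddress


def audit_source(source: str) -> dict:
    """Describe what a rule source written as address/prefix really matches."""
    iface = ipaddress.ip_interface(source)  # keeps the typed address and the mask
    net = iface.network                     # the range the mask selects
    single_host = net.prefixlen == net.max_prefixlen  # /32 for IPv4, /128 for IPv6
    host_bits_set = iface.ip != net.network_address
    return {
        "source": source,
        "matches": str(net),
        "addresses": net.num_addresses,
        "single_host": single_host,
        # A host address under a shorter prefix usually means one machine was
        # intended, but the rule will apply to the whole subnet.
        "suspect": host_bits_set and not single_host,
    }


def rule_hits(source: str, client: str) -> bool:
    """True if a rule with this source would apply to traffic from client."""
    return ipaddress.ip_address(client) in ipaddress.ip_interface(source).network


if __name__ == "__main__":
    # Constructed sample data: one laptop to block and two other LAN clients.
    sources = ["192.168.1.50/24", "192.168.1.50/32", "2001:db8::50/128"]
    clients = ["192.168.1.50", "192.168.1.77", "192.168.1.200"]

    for src in sources:
        info = audit_source(src)
        flag = "CHECK MASK" if info["suspect"] else "ok"
        print(f'{src:>20} -> {info["matches"]} '
              f'({info["addresses"]} addresses) [{flag}]')
        affected = [c for c in clients if rule_hits(src, c)]
        print(f'{"":>20}    LAN clients affected: {affected or "none"}')
```

Running it shows the /24 source applying to every constructed LAN client, while the /32 source applies only to the one address.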