OPNsense Forum

English Forums => General Discussion => Topic started by: Zoltrix on January 09, 2024, 07:03:07 AM

Title: Firewall rule - block all (with exception)?
Post by: Zoltrix on January 09, 2024, 07:03:07 AM
Hi all,

Probably a silly question. I am attempting to create a firewall rule set that will block all SNMP traffic to the firewall, except for one host.

I've attached a screenshot of the rules. I've created a "Pass" rule for the single host, and then a "Block" rule. The block rule works on its own, but when I enable the "Pass" rule, it allows access again for all IPs, not just the single IP in the rule.

Cheers

Title: Re: Firewall rule - block all (with exception)?
Post by: passeri on January 09, 2024, 07:33:33 AM
All of your addresses cover the range 192.168.0.0 to 192.168.0.255. I think you want the source address to be specific, to have no CIDR or /32 if it does.

Title: Re: Firewall rule - block all (with exception)?
Post by: Zoltrix on January 09, 2024, 08:10:04 AM
Thanks mate, that was an easy fix!
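
The behaviour resolved in this thread, as an added example that is not part of the original posts and is not OPNsense code: a small first-match rule evaluator showing why a Pass rule whose source carries a /24 mask admits the whole subnet, while /32 admits one host. The host address 192.168.0.10, the rule layout, and the first-match model are assumptions made for illustration.

```python
import ipaddress

SNMP_PORT = 161  # UDP port an SNMP agent listens on


def make_rule(action, source, port=SNMP_PORT):
    # strict=False models a firewall masking off the host bits of "host/24",
    # so the rule's match range becomes the entire network.
    return {
        "action": action,
        "source": ipaddress.ip_network(source, strict=False),
        "port": port,
    }


def evaluate(rules, src_ip, dst_port, default="block"):
    """Return the action of the first matching rule (first match wins)."""
    ip = ipaddress.ip_address(src_ip)
    for rule in rules:
        if ip in rule["source"] and dst_port == rule["port"]:
            return rule["action"]
    return default


def allowed_hosts(rules, network="192.168.0.0/24"):
    """List every host in the network that the rule set lets reach SNMP."""
    return [
        str(host)
        for host in ipaddress.ip_network(network).hosts()
        if evaluate(rules, str(host), SNMP_PORT) == "pass"
    ]


# Constructed rule sets; 192.168.0.10 is a hypothetical monitoring host.
BROKEN = [make_rule("pass", "192.168.0.10/24"), make_rule("block", "0.0.0.0/0")]
FIXED = [make_rule("pass", "192.168.0.10/32"), make_rule("block", "0.0.0.0/0")]

if __name__ == "__main__":
    print("Pass source as /24:", len(allowed_hosts(BROKEN)), "hosts allowed")
    print("Pass source as /32:", allowed_hosts(FIXED))
```

Running `allowed_hosts` against a proposed rule set before enabling it is a quick way to confirm the exception covers only the intended host.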