With pf and ipfw it's quite easy to write a single line rule that lets you define the allowed ICMP and ICMP6 types, but with OpnSense you have to create an individual rule for each type. Can this be refactored to allow selecting multiple types just like you can select multiple interfaces?
�
It was discussed a long ago in "Implementing a better ICMP selector in filter rules (https://forum.opnsense.org/index.php?topic=14891.0)" but nothing came of it.
Just add a GitHub ticket and we can consider it for automation rules.
Quote from: franco on April 01, 2025, 10:10:17 AMJust add a GitHub ticket and we can consider it for automation rules.
I'll do that.
What do you refer to by "...consider it for automation rules"?
Firewall: Automation: Filter which is already MVC.
Quote from: franco on April 01, 2025, 10:33:04 AMFirewall: Automation: Filter which is already MVC.
I see, I have to read up on that. I have no idea what firewall automation is or what they are for.
The point is to get the foot in the door and we don't want to change static *.php pages due to maintenance reasons, but who knows what happens once the basic support is in...
Cheers,
Franco
Quote from: franco on April 01, 2025, 11:10:44 AMThe point is to get the foot in the door and we don't want to change static *.php pages due to maintenance reasons, but who knows what happens once the basic support is in...
I undertand, thanks you Franco, for being as patient as your are :)
https://github.com/opnsense/core/issues/8513
As firewall automation is in development right now I added this as issue for it.
Quote from: Monviech (Cedrik) on April 01, 2025, 03:29:48 PMAs firewall automation is in development right now I added this as issue for it.
Thanks a ton!