Hey all,
from pfSense I really enjoyed the log view because I could search for blocked packets using a filter, view and thus identify them and then click on "Add to ..." and add the firewall rule in the corresponding section for the respective interface. Example: I searched for destination port 443, saw the blocked packet in the live log, and was able to add just such a rule for an interface by clicking on the arrow.
I miss this option in OPNsense or it is hidden somewhere else. Can anyone point me to the right direction, please?
Thanks in advance.
No, it's not an available option.
sad to hear, but thanks for the prompt feedback. Does anyone know by chance if this is still available in the latest pfSense version ?
better places to ask about pfsense than in the OPNSense forum :)
Quote from: d3v on June 10, 2025, 10:13:03 PMHey all, Incredibox Game (https://incredibox-game.io/home)
from pfSense I really enjoyed the log view because I could search for blocked packets using a filter, view and thus identify them and then click on "Add to ..." and add the firewall rule in the corresponding section for the respective interface. Example: I searched for destination port 443, saw the blocked packet in the live log, and was able to add just such a rule for an interface by clicking on the arrow.
I miss this option in OPNsense or it is hidden somewhere else. Can anyone point me to the right direction, please?
Thanks in advance.
Have you tried using the "Live View" feature in OPNsense's Firewall Logs with the os-intrusion-detection-content plugin?
Quote from: Trannie on June 11, 2025, 01:10:54 PMHave you tried using the "Live View" feature in OPNsense's Firewall Logs with the os-intrusion-detection-content plugin?
Firewall --> Log Files --> Live View
is the section I was looking for initially, as described in the beginning of this post. However I don't have installed a plugin called 'os-intrusion-detection-content' or similar and thus never tested it.
Can you tell me if this plugin will lead to the functionality I asked for?
No it won't. I've no idea how this is meant to help. It has nothing to do with your question.
There is no functionality in OPN to shortcut the creation of firewall rules from the Live View.
Quote from: cookiemonster on June 11, 2025, 11:09:48 PMThere is no functionality in OPN to shortcut the creation of firewall rules from the Live View.
Does anyone know the reason why this -in my opinion very useful- original functionality from pfSense was not transferred to OPNsense but was explicitly removed? Is somewhere more information on whether this will be included again in future OPNsense releases? Maybe there's a kind of wish list where this could be expressed or even some developers in here who can shade some light onto ?
If you feel like something is missing you can always open a feature request on github.