Hello,
I would like to know if the default rules in OPNsense can be modified or deleted.
This is causing me trouble since I want to create a rule to block everything from the firewall to the internet (to subsequently create a rule to only allow HTTP, DNS, HTTPS and NTP).
Thank you,
Lucas
If you mean the "let out anything from firewall host itself" rule - it is "last match", so if you block traffic before it, it will never fire.
Take a look at this, point 24 (https://forum.opnsense.org/index.php?topic=42985.0).
Keep in mind that you then need to explicitly allow anything that is needed to build up your ISP connection, probably including DHCP.
...And if you're thinking of blocking traffic outbound from the firewall, have a look at this (https://forum.opnsense.org/index.php?topic=49413.msg250624). You should generally not use an outbound rule to block traffic that traverses the firewall, as it will prevent two-way session setup. Use inbound rules. I only use outbound (pass) rules to control logging, and I haven't made up my mind on that yet (it makes the live view a bit less busy).
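
Added example, not part of any post in this thread and not OPNsense code: a small Python model of how pf (the packet filter OPNsense uses) evaluates rules, showing how a "last match" pass rule interacts with an allow-list followed by a block for traffic originating on the firewall itself. The rule labels, the port list and the `build_ruleset` helper are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str          # "pass" or "block"
    proto: str = "any"   # "tcp", "udp" or "any"
    port: int = 0        # destination port; 0 matches any port
    quick: bool = False  # quick: first match wins, evaluation stops
    label: str = ""

def matches(rule, proto, port):
    return rule.proto in ("any", proto) and rule.port in (0, port)

def evaluate(rules, proto, port):
    """pf semantics: the last matching rule wins unless a matching rule is quick."""
    verdict = ("pass", "implicit default")  # pf passes traffic no rule matches
    for rule in rules:
        if matches(rule, proto, port):
            verdict = (rule.action, rule.label)
            if rule.quick:
                break
    return verdict

# Constructed model of the automatic rule discussed above (non-quick, last match).
DEFAULT_OUT = Rule("pass", label="let out anything from firewall host itself")

# Constructed allow-list: the services from the question plus DHCP from the reply.
ALLOWED = [("tcp", 80, "HTTP"), ("udp", 53, "DNS"), ("tcp", 53, "DNS"),
           ("tcp", 443, "HTTPS"), ("udp", 123, "NTP"), ("udp", 67, "DHCP")]

def build_ruleset(quick):
    """User rules first (allow-list, then block), the automatic rule last."""
    rules = [Rule("pass", proto, port, quick, name) for proto, port, name in ALLOWED]
    rules.append(Rule("block", quick=quick, label="block everything else"))
    rules.append(DEFAULT_OUT)
    return rules

if __name__ == "__main__":
    for quick in (True, False):
        print(f"user rules quick={quick}")
        for proto, port in [("tcp", 443), ("udp", 67), ("tcp", 22)]:
            action, label = evaluate(build_ruleset(quick), proto, port)
            print(f"  {proto}/{port}: {action} ({label})")
```

With quick user rules the automatic pass rule is never reached for blocked traffic; with non-quick user rules the later pass rule is the last match and the traffic leaves.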