OPNsense Forum

English Forums => Tutorials and FAQs => Topic started by: yeraycito on July 11, 2019, 11:50:34 am

Title: HOWTO - Port Forwarding in OPNsense
Post by: yeraycito on July 11, 2019, 11:50:34 am
Example Port Forwarding

LAN: 192.168.50.1/24

IP LOCAL PORT FORWARDING: 192.168.50.18

PORT: 40

1 - In OPNSENSE/Firewall/Settings/Advanced:

          - Enable Reflection for port forwards

          - Enable Automatic outbound NAT for Reflection

          - Save changes

2 - IN OPNSENSE/Firewall/NAT/Port Forward:

          - +Add

          - Interface: WAN

          - Protocol: TCP

          - Destination: WAN address

          - Destination port range: from: any, to: any

          - Redirect target IP: Single Host or Network: 192.168.50.18

          - Redirect target port: (other): 40

          - Description: ( optional )

          - NAT reflection: Use system default

          - Save changes

WARNING: Port 40 is OPEN

How to protect the port with suricata:

1 - In OPNSENSE/Services/Intrusion Detection/Administration: ( Settings tab )

          - Enable advanced mode

          - Enable suricata - Enable IPS mode

          - Pattern matcher: Hyperscan

          - Interfaces: LAN

          - Home networks: 192.168.50.1/24         ( lan example )

          - Save changes

2 - In OPNSENSE/Services/Intrusion Detection/Administration: ( Download tab )

          - Enable ALL categories

          - Manually edit all categories individually:
                Input Filter: Change all alerts to drop actions

          - Download & Update Rules

3 - In OPNSENSE/Services/Intrusion Detection/Administration:  ( Rules tab )

          - Search emerging scan
         
          - ( On page 11 of the search results ) Enable ET SCAN NMAP -sS window 1024

          - Apply

4 - Restart OPNSENSE
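
Added example, not part of the original post: a small Python check that reads Suricata EVE JSON alert lines and reports which signatures firing on the forwarded host and port (192.168.50.18:40 from the post) were actually dropped and which were only alerted on. The sample log lines and the "CONSTRUCTED example signature" name are made up for illustration; feed it the lines of your own eve.json instead.

```python
import json
from collections import Counter

FORWARD_HOST = "192.168.50.18"   # redirect target IP from the post
FORWARD_PORT = 40                # redirect target port from the post

# Constructed sample EVE lines, not output from a real sensor.
SAMPLE_EVE = [
    '{"event_type":"alert","src_ip":"203.0.113.7","dest_ip":"192.168.50.18","dest_port":40,"proto":"TCP","alert":{"action":"blocked","signature":"ET SCAN NMAP -sS window 1024"}}',
    '{"event_type":"alert","src_ip":"203.0.113.9","dest_ip":"192.168.50.18","dest_port":40,"proto":"TCP","alert":{"action":"allowed","signature":"CONSTRUCTED example signature"}}',
    '{"event_type":"alert","src_ip":"203.0.113.9","dest_ip":"192.168.50.30","dest_port":443,"proto":"TCP","alert":{"action":"allowed","signature":"CONSTRUCTED example signature"}}',
    '{"event_type":"flow","src_ip":"203.0.113.7","dest_ip":"192.168.50.18","dest_port":40,"proto":"TCP"}',
    '{"event_type":"alert","src_ip":"203.0.1',  # truncated line on purpose
]

def audit_forward(lines, host=FORWARD_HOST, port=FORWARD_PORT):
    """Count blocked vs. allowed alerts for traffic to the forwarded host:port."""
    blocked, allowed, skipped = Counter(), Counter(), 0
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1          # unparseable line, e.g. cut off mid-write
            continue
        if event.get("event_type") != "alert":
            continue              # flow, dns, stats etc. are not verdicts
        if event.get("dest_ip") != host or event.get("dest_port") != port:
            continue              # alert for some other host or service
        alert = event.get("alert", {})
        # In IPS mode a rule with a drop action is logged as "blocked";
        # a rule still set to alert is logged as "allowed".
        bucket = blocked if alert.get("action") == "blocked" else allowed
        bucket[alert.get("signature", "unknown")] += 1
    return {"blocked": dict(blocked), "allowed": dict(allowed), "skipped": skipped}

if __name__ == "__main__":
    report = audit_forward(SAMPLE_EVE)
    for sig, n in report["allowed"].items():
        print(f"NOT DROPPED ({n}x): {sig}")
    for sig, n in report["blocked"].items():
        print(f"dropped ({n}x): {sig}")
```

Any signature listed as NOT DROPPED is still set to alert rather than drop, so its category did not pick up the "change all alerts to drop actions" filter.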