OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: rozza-m on September 19, 2020, 10:31:18 pm

Title: Why aren't my firewall rules working
Post by: rozza-m on September 19, 2020, 10:31:18 pm
Apologies for what's probably a noob question, but I have tried researching, I promise!

(https://i.ibb.co/Mc1NK70/Screenshot-2020-09-19-212023.png) (https://ibb.co/Mc1NK70)

I don't get why some of these packets are getting through and others aren't. The floating rule that seems to be not-quite working is as follows:

Code:
Action Pass
Interface LAN, WAN [*I'll limit this when it's working]
Direction in
TCP/IP Version IPv4
Protocol any
Source Single host or Network 192.168.1.1/24
Destination Single host or Network 192.168.2.3/32
Destination port range any
Gateway 192.168.1.4 *[Route set up and seemingly working]
Advanced Options [all default]
State Type keep state

Notably, the disallowed packets have tcpflags R, A or FPA; allowed packets seem to be S. I don't have anything set in the TCP flags section.

Title: Re: Why aren't my firewall rules working
Post by: banym on September 19, 2020, 11:25:52 pm
Why do you use a floating rule?
Can you please explain your setup and network more?
Please make some screenshots of the rules.

Title: Re: Why aren't my firewall rules working
Post by: rozza-m on September 21, 2020, 01:55:59 pm
Apologies for the delay in replying!

I think I might have fixed it by moving to LAN rules and then turning off state detection in advanced settings.