OPNsense Forum

English Forums => Documentation and Translation => Topic started by: mdr77 on November 13, 2020, 05:43:47 pm

Title: Firewall rules
Post by: mdr77 on November 13, 2020, 05:43:47 pm
Hi all,

I am a bit lost about the meaning of firewall rules for interfaces. Somehow I cannot find help using the documentation.
Do the rules apply to traffic leaving that specific interface or to incoming traffic? Somehow the documentation is really confusing about that detail.

Best Regards
Title: Re: Firewall rules
Post by: chemlud on November 13, 2020, 06:33:23 pm
Hello to OPNsense!

Traffic is evaluated against the rules on the FIRST interface it reaches, i.e. a LAN client trying to reach the interwebs to, let's say, reach an SMTP/S server will need an allow rule on the LAN interface for this specific client or the whole LAN network as SOURCE and the respective port (465 iirc) as TARGET.

The reply from the SMTP/S server on the interwebs needs no specific rule, it's a stateful firewall. So NO rules on WAN are normally needed. Very important.
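
The behaviour described in the reply above, as a small added model (not part of the forum thread and not OPNsense or pf code): a new flow is checked only against rules on the interface it arrives on, and replies are passed from the state table. The class names, addresses and ports are constructed for illustration, and NAT is ignored.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrives on
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    iface: str       # interface the rule is attached to
    src_prefix: str  # crude source match, e.g. "192.168.1."
    dport: int       # destination port to allow

class StatefulFirewall:
    def __init__(self, rules):
        self.rules = rules
        self.states = set()  # (src, sport, dst, dport) of flows a rule allowed

    def handle(self, p):
        fwd = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        # Packets of an already-allowed flow (either direction) skip the rules.
        if fwd in self.states or rev in self.states:
            return "pass (state)"
        # A new flow is checked only against rules on its arrival interface.
        for r in self.rules:
            if (r.iface == p.iface and p.src.startswith(r.src_prefix)
                    and p.dport == r.dport):
                self.states.add(fwd)
                return "pass (rule)"
        return "block (no rule)"

def demo():
    # Constructed sample: one allow rule on LAN, no rules at all on WAN.
    fw = StatefulFirewall([Rule("LAN", "192.168.1.", 465)])
    client, server, stranger = "192.168.1.10", "203.0.113.25", "198.51.100.7"
    return [
        fw.handle(Packet("LAN", client, 50000, server, 465)),    # new flow out
        fw.handle(Packet("WAN", server, 465, client, 50000)),    # server reply
        fw.handle(Packet("WAN", stranger, 465, client, 50000)),  # unsolicited
        fw.handle(Packet("LAN", client, 50001, server, 25)),     # port not allowed
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The server's reply passes with no WAN rule because it matches the state created on LAN, while the unsolicited WAN packet and the LAN connection to a port without a rule are both blocked.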