OPNsense Forum

Archive => 22.1 Legacy Series => Topic started by: Blade3 on April 17, 2022, 04:44:29 pm

Title: Firewall rule direction question
Post by: Blade3 on April 17, 2022, 04:44:29 pm
Hi guys,

Using OPNsense and it works well. Bit of a basic question, but I am confused by rule direction (in/out).

For example, I have a server behind my LAN interface which I want to be able to ping a server behind my DMZ interface. For this, what would the rule configuration be in terms of direction? As traffic goes LAN > Firewall > DMZ, I always assumed inbound for DMZ.

Thanks
Title: Re: Firewall rule direction question
Post by: Greelan on April 17, 2022, 11:01:35 pm
No, inbound on LAN

Traffic direction is explained in the OPNsense docs, and also in the help text for the direction option in the firewall rule config:

Direction of the traffic. Traffic IN is coming into the firewall interface, while traffic OUT is going out of the firewall interface. In visual terms: [Source] -> IN -> [Firewall] -> OUT -> [Destination]. The default policy is to filter inbound traffic, which means the policy applies to the interface on which the traffic is originally received by the firewall from the source. This is more efficient from a traffic processing perspective. In most cases, the default policy will be the most appropriate.
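
Added example, not part of the forum thread and not OPNsense code: a small Python model of the `[Source] -> IN -> [Firewall] -> OUT -> [Destination]` path from the help text, showing why a pass rule placed inbound on DMZ never sees the LAN-to-DMZ ping while the same rule inbound on LAN does. The addresses, the names `PassRule`, `hooks` and `evaluate`, and the default verdicts (block on IN, allow on OUT) are assumptions of this model.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed topology and hosts (illustrative values, not from the thread).
NETWORKS = {"LAN": ip_network("192.168.1.0/24"), "DMZ": ip_network("10.0.10.0/24")}
LAN_SRV, DMZ_SRV = "192.168.1.10", "10.0.10.20"
# Model assumption: unmatched traffic is blocked on IN and allowed on OUT.
DEFAULT_PASS = {"in": False, "out": True}

@dataclass(frozen=True)
class PassRule:
    interface: str  # interface the rule is attached to
    direction: str  # "in" or "out", seen from that firewall interface
    proto: str
    src: str        # source network in CIDR form
    dst: str        # destination network in CIDR form

def hooks(src, dst):
    """[Source] -> IN -> [Firewall] -> OUT -> [Destination] as (interface, direction)."""
    def iface(addr):
        return next(n for n, net in NETWORKS.items() if ip_address(addr) in net)
    return [(iface(src), "in"), (iface(dst), "out")]

def evaluate(rules, proto, src, dst):
    """Return (forwarded, trace); reply traffic and block rules are not modelled."""
    trace = []
    for interface, direction in hooks(src, dst):
        hit = any(
            (r.interface, r.direction, r.proto) == (interface, direction, proto)
            and ip_address(src) in ip_network(r.src)
            and ip_address(dst) in ip_network(r.dst)
            for r in rules
        )
        verdict = hit or DEFAULT_PASS[direction]
        trace.append((interface, direction, "pass" if verdict else "block"))
        if not verdict:
            return False, trace
    return True, trace

# The rule as assumed in the question (inbound on DMZ) and as answered (inbound on LAN).
ON_DMZ = PassRule("DMZ", "in", "icmp", f"{LAN_SRV}/32", f"{DMZ_SRV}/32")
ON_LAN = PassRule("LAN", "in", "icmp", f"{LAN_SRV}/32", f"{DMZ_SRV}/32")

if __name__ == "__main__":
    for name, rule in (("in on DMZ", ON_DMZ), ("in on LAN", ON_LAN)):
        print(name, evaluate([rule], "icmp", LAN_SRV, DMZ_SRV))
```

The trace for the DMZ-inbound rule stops at the LAN IN hook, which is the interface where the firewall first receives the packet from the source.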