OPNsense Forum
English Forums => General Discussion => Topic started by: mitchskis on December 30, 2016, 06:01:41 pm
-
Hello,
I'm a bit perplexed. Perhaps someone can point me toward documentation.
I'm trying to block all TCP/25 traffic from transiting the WAN connection.
For the WAN firewall I set the following rule --
REJECT
Proto: TCP
Source: *
Port: *
Destination: *
Port: 25
Gateway: *
This properly rejects all incoming port tcp/25. It does not reject traffic from the LAN, OPT1, OPT2, or IPSEC interfaces. If I make rules on each LAN, OPT1, ... interface then it drops the incoming traffic. I can't seem to set any outgoing firewall rules.
Any pointers would be appreciated.
-
Use a quick floating rule - you can set "in" or "out" there. Interface rules are always "in". Another idea: Use a negated destination for your rule.
Regards,
Fabian
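The difference between the two rule types, written as plain pf.conf rules. This is an added example, not part of the original posts and not the ruleset OPNsense generates; the interface names `em0` (WAN) and `em1` (LAN) are assumptions.

```pf
# Assumed interface names, for illustration only.
wan_if = "em0"
lan_if = "em1"

# Interface rule on WAN: always direction "in", so it only sees packets
# ARRIVING on the WAN interface. A LAN client connecting to an Internet
# mail server arrives "in" on $lan_if and leaves "out" on $wan_if, so
# this rule never matches that connection.
block return in quick on $wan_if proto tcp from any to any port 25

# Floating-style rule with direction "out": matches packets LEAVING via
# the WAN interface, whichever internal interface they came in on.
# "return" answers TCP with a RST (the REJECT action); "quick" stops
# rule evaluation at the first match.
block return out quick on $wan_if proto tcp from any to any port 25

# SMTP between internal networks never leaves through $wan_if, so the
# "out" rule above does not affect it; it is still subject to the "in"
# rules of the interface it arrives on.
pass in quick on $lan_if proto tcp from any to any port 25
```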
-
Thanks, this is what I was looking for.
I moved the rule from WAN to Floating, selected all interfaces, set the Gateway to WAN_GW, and set the direction to out. This rejects all outbound SMTP traffic while allowing internetwork OPT<->LAN SMTP traffic.
-
Is there any "any interface" option, or does one need to select all interfaces for each rule?
-
If you don't select an interface, it is equal to any.
-
Thanks!