OPNsense Forum

English Forums => General Discussion => Topic started by: guest15512 on March 22, 2017, 08:58:38 am

Title: How to create pf Tables?
Post by: guest15512 on March 22, 2017, 08:58:38 am

Sorry for the stupid question, but how can I create a pf table in the web front-end using several aliases?

Title: Re: How to create pf Tables?
Post by: guest15512 on March 23, 2017, 08:29:22 am

Nothing? Is not possible to define pf tables?

Title: Re: How to create pf Tables?
Post by: franco on March 24, 2017, 08:11:56 am

What do you want to do exactly? You did not describe your high level requirement. We do not provide direct access to pf tables, but the aliases may be able to do what you intended to do.


Thanks,
Franco

Title: Re: How to create pf Tables?
Post by: guest15512 on March 24, 2017, 03:09:50 pm

Ok, I will try to explain. What I want to do is this:

table <internal_networks> const { $dmzpri_network $enc_network $mgmt_network $prod_network $vpn_network }

 like you do in pf.conf on OpenBSD and FreeBSD/HardenedBSD.

 In theory, with aliases options it could be do. But my surprise (doing a pfctl -sa in opensese's shell):

TABLES:
__automatic_917c11cf_0
bogons
inverness
mgmt_network
perth
scotland
sshlockout
tonatsubnets
virusprot
webConfiguratorlockout

 inverness is defined as a single host and mgmt_network is defined as a single network. Why are treated as a tables? And why can't I define a real table that contains another aliases?

Title: Re: How to create pf Tables?
Post by: franco on March 24, 2017, 03:31:12 pm

I don't know your config.xml so I don't know why they are tables. :)

But for aliases you can nest them with no problem. Just use alias name when adding an entry to another alias (of the same type).


Cheers,
Franco