OPNsense Forum

English Forums => General Discussion => Topic started by: Kaxia on May 25, 2015, 03:32:19 am

Title: how to set ip range?
Post by: Kaxia on May 25, 2015, 03:32:19 am

alias, rules, etc, i can't find any place to set ip range.
who can tell me how/where to set it? Now i have to add ip singly, it need much time and easy to forget certain ip.

Title: Re: how to set ip range?
Post by: chol on May 25, 2015, 10:25:56 pm

Hi Kaxia,
you probably want to set-up DHCP services to get a IP lease automatically on your local private network.

In the Browser Web-GUI go to Services => DHCP Server and select your network interface (most likely LAN or OPT1)

If you want the WAN (DSL, UMTS) network interface get its IP address automatically from a commercial DSL/router, go to Interfaces => WAN => IPv4 Configuration Type and select "DHCP". Selcet IPv6 Configuration Type "none" or "DHCP6"

If you have DSL you can set MTU and MSS both to 1492, additionally.

Notice, if you have private RFC1918 ip addresse in the network between your OPNsense box and a consumer (DSL)router, deselect  Interfaces => WAN => Private networks "Block private networks" at the bottom of the page.

Hope that helps!

Title: Re: how to set ip range?
Post by: Kaxia on May 26, 2015, 01:56:09 am

Thank you chol!
i means when i add a rule, for example, block a ip range outbound to internet but pass another ip range outbound to internet on the same interface, then it is not easy to set ip range, alias can't do it also, i have to add ip one by one on alias, then apply in the firewall rule.

Title: Re: how to set ip range?
Post by: franco on May 29, 2015, 02:57:49 pm

Address ranges are not supported by pf in FreeBSD. You can use an alias for URL table (IPs) and dump all IPs into the file to be specified. I don't know about a better solution short of changing pf which is what we've been trying to bring back to FreeBSD anyway so we don't want to go further away by adding new features into the kernel/base.