OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: darkbot956 on April 16, 2017, 12:40:38 am

Title: Can't change firewall port blocking rules
Post by: darkbot956 on April 16, 2017, 12:40:38 am

Ya new noob question of the day, can't seem to be able in the firewall rules part of OPNsense admin config to change anything when it comes to ports or port ranges, what am i missing ?

O_o

Title: Re: Can't change firewall port blocking rules
Post by: bartjsmit on April 16, 2017, 09:58:50 am

Do you mean the ports in the anti-lockout rule? Those are set in the System -> Administration page. You can change the TCP port for web access and/or the port for SSH.

Bart...

Title: Re: Can't change firewall port blocking rules
Post by: darkbot956 on April 16, 2017, 04:43:41 pm

No i mean the PF/firewall rules are all broken and impossible to make when it comes to ports/port ranges in 17.1

Might i add as well that i'm use to manual firewall configs at lest with my setup and i run 4 firewalls back to back all manually configured from point "A"  to point "B"

Opnsense would have bin the 5th firewall / ids setup, though i'm still getting use to it and its nuts in their, so many options but its not like i don't know how to work a firewall.

From my research i only found this on the topic and their going on about alias or something, not understanding 100% what their talking about here but it ends with lets all just go use Pfsence or something.

https://forum.opnsense.org/index.php?topic=2953.0

In the opnsense wiki / manual this is all i can find on the topic.

https://docs.opnsense.org/manual/how-tos/fwcategory.html

As for SSH/TFTP/Telnet/etc and the like, that all needs to be disabled permanently all the way around, only people that will try and use that will be hackers and all i see with wireshark all day long is botnets trying to connect using that crap so you know.

If i had a SSH/Tftp/telnet/ftp port open at my end all it would lead to would be a honey pot server full of virus's/rats/rootkits were i mess with people and try and destroy their computers if they download a single file and click on it at their end.

As for firewalls this is one i use and probably my favorite over all, total old school firewall and runs in 256colors and works in win95 !

http://www.filseclab.com/eng/products/firewall.htm (http://www.filseclab.com/eng/products/firewall.htm)

Open source too, sucks no ones worked on it to make it better and sadly this firewall blows everything out of the water ever made for Linux desktop distros and i means all of em.

Wish i could code :(

I do something with that firewalls code & make a nice home page with a donations button and a forum or something and at the same time shame everything ever made for Linux desktops distros.