OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: pbolduc on April 22, 2017, 12:14:27 am

Title: Cannot Create Floating Rules
Post by: pbolduc on April 22, 2017, 12:14:27 am
My "deny" floating rules do not appear to be applying to outbound LAN traffic destined to the WAN interface.
Title: Re: Cannot Create Floating Rules
Post by: fabian on April 22, 2017, 12:19:18 am
Your screenshot says the opposite: Everything is there. Floating rules allow the selection of a single, multiple or even all interfaces. You can also choose the direction here.
Title: Cannot Create Floating Rules
Post by: pbolduc on April 22, 2017, 12:41:09 am
Thank you, sorry for deleting my post. It has been a while since I have been playing with the settings in OPNsense and I forgot how it was supposed to behave. I thought if I moved my LAN firewall block policies to Floating I could better control the block and the direction at which they will be blocked. However, I am still unsuccessful in creating a subnet range block through the WAN port.

I thought if I had followed these instructions it would help:

Steps to block RFC1918 traffic from leaving the WAN interface:

"An additional firewall rule can be put in place to prevent RFC1918 traffic from leaking out of the WAN interface. This provides a small increase in security and privacy by preventing information about the local LAN from being routed further upstream to the ISP".

I have reason to believe that my problems may be related to how I am attempting to create the block range. I am not using 192.168.1.0/25 but instead I'm attempting to supply a range such as 192.168.1.229-192.168.1.254. As a result I think the router is ignoring my requests.
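
The range from the post above rewritten as exact CIDR networks, in the same prefix notation as the 192.168.1.0/25 mentioned there, with a check that every resulting network is RFC1918 space. This is an added example, not part of the thread and not OPNsense code; it makes no claim about how OPNsense treats a range entry, and the function names are hypothetical.

```python
import ipaddress

# RFC 1918 private ranges: the traffic the quoted instructions keep off the WAN.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def range_to_cidrs(first, last):
    """Split an inclusive IPv4 range into the minimal list of CIDR networks."""
    lo = int(ipaddress.IPv4Address(first))
    hi = int(ipaddress.IPv4Address(last))
    if lo > hi:
        raise ValueError("range start is above range end")
    nets = []
    while lo <= hi:
        # Largest power-of-two block that starts on an aligned boundary at lo ...
        align = (lo & -lo).bit_length() - 1 if lo else 32
        # ... and that does not run past hi.
        fit = (hi - lo + 1).bit_length() - 1
        bits = min(align, fit)
        nets.append(ipaddress.IPv4Network((lo, 32 - bits)))
        lo += 1 << bits
    return nets


def all_private(nets):
    """True only if every network lies inside one of the RFC 1918 ranges."""
    return all(any(n.subnet_of(p) for p in RFC1918) for n in nets)


if __name__ == "__main__":
    # The range quoted in the post above.
    nets = range_to_cidrs("192.168.1.229", "192.168.1.254")
    for n in nets:
        print(n)
    print("all RFC1918:", all_private(nets))
```

The 26 addresses in the range do not fall on a single prefix boundary, so the exact equivalent is seven networks rather than one.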