OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: JohnnyBeee on September 17, 2018, 12:37:52 am

Title: Firewall rule ignored
Post by: JohnnyBeee on September 17, 2018, 12:37:52 am
Hi guys.

I wish to block all connections to a device on my LAN.

So I set up a simple rule. It is the second in the list, right after the default "Anti-Lockout Rule".
These are the first two firewall rules for the LAN interface:

Proto   Source  Port  Destination   Port    Gateway  Schedule  Description
*       *       *     LAN Address   80, 22  *                  Anti-Lockout Rule
IPv4 *  *       *     192.168.1.54  *       *                  no connections to device

Nevertheless I can still connect to 192.168.1.54 from any device on my LAN.

What am I missing to get this to work?

Thanks for any help.
Title: Re: Firewall rule ignored
Post by: Kingrat on September 17, 2018, 01:32:17 am
This is the expected behavior. You would need a switch that supports ACLs, as the traffic between devices on the same LAN should never pass through the firewall.

You could use the firewall on the host itself OR put the host on its own VLAN so that it is no longer on the same network, then you could control access to it with firewall rules.
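
Added example (not part of the forum thread and not OPNsense code): a small rule check showing why the block rule in the question never sees traffic while the Anti-Lockout Rule does, and why moving the host to its own VLAN changes that. The /24 prefix, the firewall address 192.168.1.1, the client 192.168.1.20 and the VLAN address 192.168.54.10 are assumptions; the thread gives only 192.168.1.54.

```python
import ipaddress

# Constructed topology: only 192.168.1.54 comes from the thread; the /24
# prefix and the firewall's LAN address are assumptions for this example.
LAN = {"net": ipaddress.ip_network("192.168.1.0/24"),
       "fw_addr": ipaddress.ip_address("192.168.1.1")}
IFACES = {"LAN": LAN}

# The two LAN rules from the post, reduced to the fields the check needs.
RULES = [
    {"iface": "LAN", "dst": "LAN Address", "descr": "Anti-Lockout Rule"},
    {"iface": "LAN", "dst": "192.168.1.54", "descr": "no connections to device"},
]


def delivery(src, dst, net):
    """How a sender inside `net` reaches dst.

    'on-link': the sender resolves dst with ARP and the switch delivers the
    frame directly, so the firewall never receives the packet.
    'routed': the sender hands the packet to its gateway (the firewall),
    where interface rules are evaluated.
    """
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if src not in net:
        raise ValueError(f"{src} is not a host on {net}")
    return "on-link" if dst in net else "routed"


def dead_rules(rules, ifaces):
    """Descriptions of rules that cannot match traffic between LAN hosts:
    the destination is another host inside the rule's own interface subnet."""
    flagged = []
    for rule in rules:
        iface = ifaces[rule["iface"]]
        # '*' and '<iface> Address' (the firewall itself) do receive traffic.
        if rule["dst"] in ("*", f"{rule['iface']} Address"):
            continue
        dst = ipaddress.ip_address(rule["dst"])
        if dst in iface["net"] and dst != iface["fw_addr"]:
            flagged.append(rule["descr"])
    return flagged


if __name__ == "__main__":
    print(delivery("192.168.1.20", "192.168.1.54", LAN["net"]))   # same LAN
    print(delivery("192.168.1.20", "192.168.54.10", LAN["net"]))  # own VLAN
    print(dead_rules(RULES, IFACES))
```

With the device readdressed into a separate VLAN subnet, the same check no longer flags the rule, because LAN clients must then send the traffic through the firewall.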