Messages

Thanks, all.

Wow, that was painless. Thanks again!

Another question, if I may: the log is empty despite me sending emails and I can't find a setting to turn it on. Are these settings documented somewhere? I can't find them on the page I referenced earlier.

Thank you, fabian

I'm fairly new to OPNSense and a complete noob when it comes to adding plugins so please be gentle!

I wish to add the mail gateway module to allow various devices to send automated email alerts through it, rather than external accounts like Gmail.

I've reviewed the documentation https://docs.opnsense.org/manual/how-tos/mailgateway.html and it mentions adding ClamAV, Redis and RSpamd in addition to Postfix - so my question is: are these essential if I just want the outgoing capability?

Thanks.

Thanks again - all useful comments and thoughts, too.

Thank you, Greelan. I now realise that I had got myself completely confused about what was 'in' and 'out'. It is working now.

I must thank you and this forum for your assistance - much appreciated!

Ah, sorry, I misunderstood.

That is only possible on 'in' direction - trying to configure for 'out' gives the attached error message.

Having said that, setting it on 'in' does seem to be working so thank you for your suggestion! I'm out of time now but will continue testing this evening and report back.

I have tried adding 4 separate rules to the WAN circuits, too - each an In/Out pair blocking this range and that also didn't help.

I'm starting to wonder if there is some kind of corruption to the config and whether it may be better to simply start afresh and rebuild from a new installation.

Yes, I should have said that, sorry.

I'm stumped - again, thanks for your help and ideas.

I've not created Groups.

I have tested with specific IP addresses, too. Both by cloning the rule and changing the address and by starting afresh. I am careful to always make the new rule the top one, too.

I've checked, no NAT rules.

Thanks for all your help, folks! Much appreciated!

Yes, pings are succeeding, as are http and https sessions.

Please see the expanded Floating Rules tab - all auto-generated (although I'm unclear what that means in context of the header message)

I'm not familiar with Group Rules - where are these shown please?

Auto-created rules - see attachment (can't figure out how to post inline)

Thanks for your response, Greelan

I've tried that and a device in range keeps on pinging Amazon.

See screenshot attached - this is the top rule and I have enabled it and applied it.

What is the best way to block all hosts in a continuous block of LAN IPv4 addresses from any internet access?

I'm new to OPNsense so am probably missing something basic but have been struggling with this and appear to be going around in circles without success!

My network is simple - 1 LAN, 2 WAN configured on a gateway as a failover group. I have a set of IP cameras that I want to ensure have NO internet access. They are in a continuous address range. IPv4 only, no IPv6

My attempts have involved:
- setting an alias for the cameras. I've used URL table and a list of hosts.
- I've set up block rules on the two WAN interfaces in various combinations (in, out and any) and placed these rules at the top of the stack

And the devices in the block of addresses simply continue to ping internet addresses.

I'm clearly missing something basic and fundamental but am stumped so any guidance or help appreciated.

Thanks in advance.