Messages

1

20.7 Legacy Series / Re: Updated Traffic Graphs

« on: March 03, 2021, 01:00:51 pm »

Is there any update on adding the old Lan monitoring back where you can just see your LAN IP's and their traffic? With Hostname support too

Or is there a way to edit the current config to re-add this back?

The current top talkers show the LAN IP and also the WAN IP in the LAN interface its connecting to..

2

21.1 Legacy Series / Re: Schedule Based Firewall Rules

« on: March 03, 2021, 12:11:27 pm »

Hi PWCDC,

I have set mine up to block the kids internet access at certain times..

Create a schedule to allow times that you want to allow internet traffic.
(Here's mine currently)
https://ibb.co/Jz1z3Q1

Now go to your LAN firewall rules and create a block internet rule for the IP addresses you want to restrict.. Then add an allow rule for the same IP addresses and add the schedule for this..
Make sure you add this to the Lan Net
https://ibb.co/SBqH9CX
Make sure you add your schedule to this (not shown in the screenshot)

https://ibb.co/6rKHpNX

As chemlud say's its a stated firewall so the rule doesn't kick in dead on the time you allow but the minute later.

So if you have a cut off say 21:59hrs it will stop at 22:00hrs

@chemlud, i think it was my post you was talking about but it didn't work correctly the way I originally had it as the connections stayed active slightly until I changed it to this method. Now connections drop and dont access or ping any internet connections at all.

3

General Discussion / Re: How to totally block internet access completely. Stumped.

« on: February 04, 2021, 09:09:59 pm »

You need to reset states or do a reboot after setting such a rule. Connections that were open before creating that rule, will still be possible because the OPNsense has states saved for those connections.

Thanks Gauss23 that was it, I wasn't resetting the states (Never crossed my mind) Also added in disable reply-to as well helped.

You have not understood the way firewall rules are ste up in OPNsense. Direction "IN" always is relative to the respective interface. So "IN" on LAN means comming from a client of your LAN, meant to leave OPNsense via a different interface.

Delete this nonsense and back to square one...

Thanks chemlud, your excellent knowledge of Firewalls surpasses my feeble attempt....... however Gauss23 hit it out of the park with his answer...

4

General Discussion / How to totally block internet access completely. Stumped.

« on: February 03, 2021, 09:35:53 pm »

Hi All,

I have gone through numerous forum posts on this subject and I'm banging my head against the wall over it. I can get the rule to work but its still letting some internet traffic in..   I have a LAN rule set as per the screenshot below..



The issue is the device loses internet slightly, so say for instance they get a message on facebook it gets in, same with video calls initialising but obviously not acknowledging the answer.

Also can ping google 8.8.8.8 for instance.

Is there a surefire way to completely block internet access?

Hope someone has the answer I have blindly missed.

5

20.7 Legacy Series / Re: Updated Traffic Graphs

« on: February 01, 2021, 11:37:54 pm »

Yep would love the host name function back and only true Lan IP stats showing, not the IP address the Lan is talking to too..

6

20.7 Legacy Series / Re: Updated Traffic Graphs

« on: January 28, 2021, 06:07:43 pm »

I thought I was going mad today, only installed OPNsense early this week and this was my go to section and is what I thought was a major point in keeping this installed.

Updated this morning to the latest version and blam, changed and couldn't find it..

Any ideas on when the updated (Old) version is going to be released?