OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of FF2PacketPusher »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - FF2PacketPusher

Pages: [1]
1
21.7 Legacy Series / Re: Help Understanding States
« on: November 08, 2021, 01:42:25 am »
That makes perfect sense, didn't think about how modifying rules could affect the state listing.  I've been making lots of changes as this is a new firewall, so that explains everything.  I'll keep an eye on it after a reboot and see how the rules match up then.

Thank you for your response!

2
21.7 Legacy Series / Help Understanding States
« on: November 06, 2021, 12:46:44 am »
Can somebody help explain to me how the state listing works?  I guess my main question is why are these sessions being marked with the specific rule?  The rules listed have nothing to do with the sessions listed.  For example, "allow access to DHCP server" is an automatic rule, yet, looking at those states, DHCP doesn't use port 8883, let alone TCP...  This is the case for my "Allow Airplay to IoT" rule as well.  Those ports (5223) are not included in that rule.  Is this a bug, am I just not understanding how OPNSense is detecting the sesions?

Thanks!

3
21.7 Legacy Series / Re: IPv6 Track Interface with preferred interface suffix?
« on: October 23, 2021, 11:19:11 pm »
I like the idea of using a GUA based range for my home network and doing NAT on it.  One of my cloud providers hands out a routable /48 with every VPS, so I could easily use one of those and as long as I don't use it in the cloud, I'd never blackhole myself.  I was thinking of even doing a P2P Wireguard tunnel and just using that entirely for my IPv6 and don't use my PD from Comcast at all.  Or setting up an HE.net IPv6 tunnel.

Sounds like it's decision time. lol

Thank you both pmhausen and bimbar for the suggestions.

4
21.7 Legacy Series / IPv6 Track Interface with preferred interface suffix?
« on: October 22, 2021, 09:45:59 pm »
First post here, so hello everyone! I'm a recent convert from OpenWRT, tried pfSense but I feel it didn't really live up to the hype and the UI is atrocious...  Decided to install OPNSense and I've loved it so far!!

In OpenWRT I was able to assign the interface identifier of a delegated IP6 prefix to a LAN interface. I'm trying to end up with assigning my firewall an IP of ::1 out of my delegated (tracked) prefix for each LAN interface, but still have the prefix update if the delegated prefix changes from my upstream ISP.  Is this possible with OPNSense?

Thanks!
Richard

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2