1
23.7 Legacy Series / Re: let out anything from firewall host itself rule.
« on: August 11, 2023, 11:53:56 am »
Noup, even VLANS are now broken, Gateway monitoring won't work. Seems like Opensense has BIG issue with VLAN
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
23.7 Legacy Series / Re: let out anything from firewall host itself rule.
« on: August 11, 2023, 10:30:32 am »
ok will have clean install and if still see that all trafic is allowed between interfaces even firewall rule is set to block then will revert to pfSense. Its bit stupid to force any auto rules. I get about anti lockout but rest. WHY would anyone want permanent non deletable "godemode" rules?
3
23.7 Legacy Series / Re: let out anything from firewall host itself rule.
« on: August 10, 2023, 11:24:39 pm »
have 2 wans and 2 lans.
WAN01 and WAN02 come from VLAN
LAN02 is VLAN also
Before upgrade things worked.
For sanity test did put block any to any to any interfaces- noup, ZERO effect. All is passed throu like nothing there.
I did notice it cos some websites suposed to be blocked, now ANY block rules wont work.
On picture is one interface, and yes everything is passed like its not there.
WAN01 and WAN02 come from VLAN
LAN02 is VLAN also
Before upgrade things worked.
For sanity test did put block any to any to any interfaces- noup, ZERO effect. All is passed throu like nothing there.
I did notice it cos some websites suposed to be blocked, now ANY block rules wont work.
On picture is one interface, and yes everything is passed like its not there.
4
23.7 Legacy Series / let out anything from firewall host itself rule.
« on: August 10, 2023, 10:20:35 pm »
After system upgrade i got floating automated rule "let out anything from firewall host itself"
Its * to *. So it will overtake ANY block rule.
I can add manual rule to lan interface * to * block. all trafic is still passed.
How to disable these automatic rule generations?
Its * to *. So it will overtake ANY block rule.
I can add manual rule to lan interface * to * block. all trafic is still passed.
How to disable these automatic rule generations?
5
General Discussion / Opensense issues.
« on: November 17, 2021, 09:02:30 pm »
There are few.
First of all about system, i operate dual WAN that are connected to 2 LTE modems where passthrou is enabled to VLAN.
1)First issue:
One if ISP-s will give odd config over dhcp.
IP: 37.157.0.0
Mask:255.255.255.255
GW:10.177.x.x
It never works, even when far gateway is enabled.
It only works if i manually set same static config and create GW. Then it works when far gateway is enabled. And till reboot. After reboot i have to remove FarGateway flag, apply and then add flag again.
2) second issue. Automatic rules. Ater i updated system to hopefully fix issue nr one i was greted with loads of automatically generated rules. Rules that have godlike powers, you can't delete them, remove, disable wadsoever. Most anoying one was floating rule allow all * to *. <- Who came up with idea thinking its nice to have?
First of all about system, i operate dual WAN that are connected to 2 LTE modems where passthrou is enabled to VLAN.
1)First issue:
One if ISP-s will give odd config over dhcp.
IP: 37.157.0.0
Mask:255.255.255.255
GW:10.177.x.x
It never works, even when far gateway is enabled.
It only works if i manually set same static config and create GW. Then it works when far gateway is enabled. And till reboot. After reboot i have to remove FarGateway flag, apply and then add flag again.
2) second issue. Automatic rules. Ater i updated system to hopefully fix issue nr one i was greted with loads of automatically generated rules. Rules that have godlike powers, you can't delete them, remove, disable wadsoever. Most anoying one was floating rule allow all * to *. <- Who came up with idea thinking its nice to have?
Pages: [1]