Messages - j0xter

#1
Quote from: Patrick M. Hausen on August 15, 2025, 09:55:31 AM
Quote from: j0xter on August 15, 2025, 07:30:11 AM
Are we saying that this deny rule has existed since I configured the FW?

Yes. Like any firewall, the default policy is "deny anything which is not explicitly allowed". This is achieved by this default rule, which matches last.

You might want to check your allow rules - it seems they for some reason do not match connecting to the site you mentioned with your browser. Do you have Geo IP in your allow rules?

What is the best way to list the rules in the terminal?

So we might get a productive thing going.

I haven't touched anything like that.
The only rule change I've made is to allow WireGuard.

And that was 4 months ago.
#2
Quote from: hharry on August 15, 2025, 05:22:14 AM
Some more info would be helpful..

Are you referring to the Default deny / state violation rule? Or some other rule?

I've tested the scenario (many times) in both LAB and production, where the ISP goes down, then comes back up, and haven't had any issues... OPNsense recovered the WAN interface and L2 and L3 topology automatically, the gateway monitor also always recovers automatically as expected, and I haven't observed any automatic rule changes...

If you restart OPNsense, or make a F/W rule change, there is a known issue where the F/W state table rules can get out of sync, necessitating a F/W state table reset... in Firewall: Diagnostics: States -> Actions 'Reset state table'

Thank you for the suggestions to perform a reset of the state tables,

But that didn't help, I'm afraid.

Are we saying that this deny rule has existed since I configured the FW?

It sure goes to work when I reload a page like bredbandskollen.se :)

It has worked fantastically for over a year; 4 months ago I added a WireGuard connection.

That's the only special thing about my firewall.

#3
25.7 Series / Automatic Rules killed my connection
August 15, 2025, 12:04:42 AM
Today my ISP had an issue; everything was down.
After they fixed it, I noticed that I couldn't reach some sites, like Steam, bredbandskollen, tv4... the list goes on.
Ping worked, DNS no issues.
So I looked at Wireshark...
Concluded that the firewall didn't let the remote sites talk back.

To confirm, I brought out my old OpenBSD firewall/router.
No issues. Everything worked.

So what happened?
Today there was an automatic rule created:
an "any to any" deny rule.

Searching to find a way to reset that table.

TLDR
Remove the rules created today.
It has worked perfectly until my ISP had a mishap.