Topics

1

23.1 Legacy Series / Default deny / state violation rule takes precedence over a custom rule

« on: June 19, 2023, 02:24:12 am »

Hello. I have several vlans. I want to allow vlan70 to access a host in a vlan99 over ssh. Sounds easy so I created a rule (img1).

I tried to ssh to the host from vlan70 to vlan99 and it worked, but ssh connection freezes after a few seconds. Opnsense live view log attached as img2.

So at first my rule allows to connect, but after several seconds auto-generated rule "Default deny / state violation rule" (img3) blocks the traffic. Why is it so?

2

General Discussion / DHCP static mapped hostname to DNS resolver, without specifying IP

« on: April 09, 2019, 09:36:38 am »

Hi. I configured DHCP Static Mappings for an interface without providing IP address (only MAC + hostname). So I want the IPs to be assigned from the poool and DNS resolver to get the mappings and serve them but unfortunately it doesn't work. I've got  Register DHCP static mappings option checked under Unbound DNS -> General.
DNS resolution works fine when I add an IP address to DHCP Static Mappings but this is not the way I want to go.

As you can see on a screenshot, devices get leases but no hostname assignments.

The situation was described on Netgate forums:
https://forum.netgate.com/topic/125306/dhcp-static-mapped-hostname-to-dns-resolver-without-specifying-ip

People claim this might be pfSense bug, so maybe it was inherited by OPNSense.

Any clue how to get things work? Or maybe someone can confirm that this is a bug in fact.