Author Topic: FW terminology/concepts (Read 1544 times)

Ceaus · « **on:** May 20, 2020, 09:31:06 pm »

Hi,

Newbie here. I've set up 2 networks LAN1 and IOT. I'm trying to understand how the FW rules work. It's not entirely how I thought they would work. But that's probably just my ignorance. So before asking the stupid questions, please help me understand the following, as I couldn't find that in the documentation:

1. "LAN1 address": Is that the ip address of the LAN1 interface at the FW?

2. "LAN1 network" is that:
a) the ip range for this interface (e.g. 192.168.10.0/24).
b) whatever is networked behind that interface? (If I have a completely different ip addresses behind LAN1, would those addresses be included in the rule as well?)

3. Do I need block rules to disable zone/interface forwarding? Or is zone forwarding blocked by default?

Thanks!
Ceaus

fabian · « **Reply #1 on:** May 20, 2020, 10:37:12 pm »

Quote from: Ceaus on May 20, 2020, 09:31:06 pm

1. "LAN1 address": Is that the ip address of the LAN1 interface at the FW?

Yes

Quote from: Ceaus on May 20, 2020, 09:31:06 pm

2. "LAN1 network" is that:
a) the ip range for this interface (e.g. 192.168.10.0/24).
b) whatever is networked behind that interface? (If I have a completely different ip addresses behind LAN1, would those addresses be included in the rule as well?)

yes and no

Quote from: Ceaus on May 20, 2020, 09:31:06 pm

3. Do I need block rules to disable zone/interface forwarding? Or is zone forwarding blocked by default?

Every thing is blocked by default except some stuff OPNsense needs to function like ICMPv6.

Ceaus · « **Reply #2 on:** May 20, 2020, 11:02:33 pm »

Thanks a bunch for your reply. Much appreciated!

Author Topic: FW terminology/concepts (Read 1544 times)

Ceaus

FW terminology/concepts

fabian

Re: FW terminology/concepts

Ceaus

Re: FW terminology/concepts