OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 21.1 Legacy Series »
  • Firewall log proto/protoname to rule protcol mapping [solved]
« previous next »
  • Print
Pages: [1]

Author Topic: Firewall log proto/protoname to rule protcol mapping [solved]  (Read 1708 times)

binaryanomaly

  • Full Member
  • ***
  • Posts: 163
  • Karma: 9
    • View Profile
Firewall log proto/protoname to rule protcol mapping [solved]
« on: June 30, 2021, 09:40:22 am »
Hi,

In the live log I see that a connection gets blocked:
Code: [Select]
proto 0
protoname ip

Now I want to create a rule that allows this.
But I have no "ip" only protocol I could select nor a number "0" in the rule creation UI.

How can one translate the protocol mentioned in the log to the ones available for the rules?

Edit: As it does not appear in the logs atm it seems that my guess for IPV6-ICMP may have been right - but how could I determine without guessing?
« Last Edit: June 30, 2021, 11:34:58 am by binaryanomaly »
Logged

binaryanomaly

  • Full Member
  • ***
  • Posts: 163
  • Karma: 9
    • View Profile
Re: Firewall log proto/protoname to rule protcol mapping
« Reply #1 on: June 30, 2021, 11:34:28 am »
OK, it seems that

Code: [Select]
proto actually is the "ip protocol number" in the ipx header field (https://en.wikipedia.org/wiki/IPv4#Header).

Therefore the translation table here can be used:
https://en.wikipedia.org/wiki/List_of_IP_protocol_numbers

Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 21.1 Legacy Series »
  • Firewall log proto/protoname to rule protcol mapping [solved]
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2