Block private networks from OPT1

Started by roro, November 24, 2016, 11:37:11 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 24, 2016, 11:37:11 AM
Hello,
I use OPNsense 17.1.a_753-i386 on soekris but I get the following:
@68 block drop in log quick on vr2 inet from 10.10.0.0/8 to any label "Block private networks from OPT1"

When I put utp in OPT2 no problems.

Something wrong in filterrules?
Greetings.
November 24, 2016, 03:18:50 PM #1
You can enable or disable filtering private IP addresses per interface. Should be in the interface settings. The Firewall pages will show it to you if this addresses are blocked with a link to the page which has the settings.
November 24, 2016, 08:30:49 PM #2
Hello,
I knew that.

I did some extra testing:

when Private enabled and Bogon disabled it doesn't work.
when Private disabled and Bogon enables it works.
when Private and Bogon are disabled it works.

Looks like Private is swapped with Bogon. Something for Franco?

Greetings.
November 25, 2016, 05:13:56 PM #3 Last Edit: November 25, 2016, 05:15:38 PM by franco
Hey,

Nice catch and many thanks for running -devel!

# opnsense-patch 9e5aa0c


Cheers,
Franco

[1] https://github.com/opnsense/core/commit/9e5aa0c
Print
Go Up Pages1
User actions