Migrating from pfSense to OPNsense and sourceIP traffic filtering is not working

[proutfoo]

Hello,

For the life of me I cannot figure out why inbound or outbound traffic that I am identifying by a source IP Alias is not blocked by rules I make.

I am running OPNsense in proxmox, if I shut down the vm and boot back to my pfsense I am able to define rules with a source IP alias and block them inbound or outbound. But for whatever reason in the latest OPNsense, I can't seem to ever match traffic by its source IP and its driving me bonkers.  I can't get it to reject packets either with a floating rule or with a rule on each interface, regardless if its the WAN interface or the LAN interface, in / out or both directions in the case of floating rules.

Any tips as to what I could be doing wrong as I have spent a number of hours trying to figure out what would normally be a trivial thing....thanks

[cookiemonster]

best if you show your rules and point to the one not working, and what the expected behaviour is, so people can chime in. Welcome to the forum.

[proutfoo]

thanks for the welcome.  I wiped my config and started fresh, and still have yet to be able to block an inbound packet. I went nuclear and created the following rule, applied to the WAN , inbound direction. attached image. Simply made a floating rule, applied to WAN, block, in, any any.  Yet I still have no effective inbound filtering, I would have thought this would kill all connectivity.

[Patrick M. Hausen]

OPNsense is a stateful firewall. So if you initiate a connection from LAN and you still have the "allow all" rule on LAN, then traffic will of course be allowed to flow in both directions.

"Deny all" on WAN really only blocks new connections initiated from the Internet.

[proutfoo]

interesting, it seems to work on pfSense in this way, clearly my state wasnt open when I tested. I am trying to block TOR using a Alias, by adding it as an IN filter on the LAN instead which I suppose will do the same effect. thanks for clearing  this up for me.