Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Firewall schedules
« previous
next »
Print
Pages: [
1
]
Author
Topic: Firewall schedules (Read 3360 times)
slackadelic
Full Member
Posts: 145
Karma: 9
Firewall schedules
«
on:
November 02, 2020, 06:14:35 am »
Scenario: I have a schedule setup Monday - Friday from 0:00 to 22:00 which works great
Problem: There are certain times/days/dates I would like to cause this schedule to NOT be active.
I've tried a couple of things like adding a secondary rule above the one that is normally active with it's own schedule, but it appears that the M - F rule still triggers some how.
Question:
Does anyone else use schedules in their firewall and can give me a hint as to how they are able to override the schedule so it isn't active at certain times?
Hopefully I'm not missing something simple!
Thank you!
Logged
slackadelic
Full Member
Posts: 145
Karma: 9
Re: Firewall schedules
«
Reply #1 on:
November 05, 2020, 08:37:23 pm »
So after fiddling around with different scenarios and reading up on how the sister firewall operates with schedules, it appears that when you create a schedule, there's no easy way to 'override' the schedules themselves.
Example: If you have a rule set to 'block' traffic Monday - Friday from 0:00 to 22:00 then want to 'exclude' a day say November 5th then set that rule to say 0:00 to 08:00 so that it won't be 'active' for that day/date only, it doesn't apply and is ignored.
The work around, I had to create a mirrored rule to 'allow' traffic and build it's own schedule. Then placed that rule above the 'disable' rule.
Seems counter intuitive, but it is what it is.
Logged
slackadelic
Full Member
Posts: 145
Karma: 9
Re: Firewall schedules
«
Reply #2 on:
November 06, 2020, 04:34:55 pm »
Ok ignore that, tested this last night and it 'looked' like it was working, but that wasn't the case apparently
Logged
chemlud
Hero Member
Posts: 2485
Karma: 112
Re: Firewall schedules
«
Reply #3 on:
November 06, 2020, 04:51:54 pm »
For scheduled block rules you had to kill established states 1 min after blocking time to really kll off internet access. That's the way I have implemented that, no idea if it is still needed.
If I want the block rule to be not effective, I turn it off manually... ;-)
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium katzenfutter mit der extraportion energie
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
slackadelic
Full Member
Posts: 145
Karma: 9
Re: Firewall schedules
«
Reply #4 on:
November 06, 2020, 04:54:12 pm »
Well, I did SOME MORE testing, as long as my rules are in proper order, I DO have to use a different schedule.
So allow rule above the block rule, then I can overrule the block schedule as needed.
Now when I tested this last night, my daughter's xbox showed it had access, but said some games didn't work until I redid the 'block' schedule and disabled my pass rule.. so not sure what it up.
Guessing there's a state issue somewhere I need to kill.
Logged
slackadelic
Full Member
Posts: 145
Karma: 9
Re: Firewall schedules
«
Reply #5 on:
November 13, 2020, 03:43:37 pm »
So, it appears it 'works' but not fully.
When the allow rule schedule is priority and active, then most functions work on the Xbox, however, games won't play which makes no sense.
If I get rid of th e'pass' rule and it's schedule, then edit the 'block' rule to disable the day like Thursday itself and remove it from the schedule.. it works.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Firewall schedules