Using policy to change ruleset from drop to alert

Started by Taomyn, March 06, 2021, 10:55:15 AM

Previous topic - Next topic
but I hope you understand that the existing "Default filter" policy now transfers all other rules from Alert to Drop. Many false-positive drops are possible

Quote from: Fright on March 08, 2021, 02:53:11 PM
imho changing the "Action" parameter (the third drop-down list from the top) to Alert + Drop will be enough. The policy has a lower priority value and will have to apply to p2p rules


That action worked and all the P2P rules changed to alert, then when I changed the policy back to just "drop" it was still fine. So I disabled both my new policy and the default and now all the rules are back to just "alert" as it was before all this happened.


Now that I understand this a bit more I will try a few things out when I am on-site so as not to break my remote connection. Will let you know what happens.

QuoteThat action worked and all the P2P rules changed to alert
glad to hear
Quotewhen I changed the policy back to just "drop" it was still fine
just do not rush to conclusions  ;)
QuoteI will try a few things out when I am on-site so as not to break my remote connection
ok. just keep in mind that there were fixes after 21.1.2.
https://github.com/opnsense/core/issues/4753
fixed by #2696e42 and #8953d03

Quote from: Fright on March 08, 2021, 03:36:39 PM
QuoteI will try a few things out when I am on-site so as not to break my remote connection
ok. just keep in mind that there were fixes after 21.1.2.
https://github.com/opnsense/core/issues/4753
fixed by #2696e42 and #8953d03


Is it possible for me to pull those fixes down for my install? I think I've done this before but I can't remember how it's done.