Using policy to change ruleset from drop to alert

[Fright]

but I hope you understand that the existing "Default filter" policy now transfers all other rules from Alert to Drop. Many false-positive drops are possible

[Taomyn]

imho changing the "Action" parameter (the third drop-down list from the top) to Alert + Drop will be enough. The policy has a lower priority value and will have to apply to p2p rules

That action worked and all the P2P rules changed to alert, then when I changed the policy back to just "drop" it was still fine. So I disabled both my new policy and the default and now all the rules are back to just "alert" as it was before all this happened.


Now that I understand this a bit more I will try a few things out when I am on-site so as not to break my remote connection. Will let you know what happens.

[Fright]

That action worked and all the P2P rules changed to alert

glad to hear

when I changed the policy back to just "drop" it was still fine

just do not rush to conclusions  ;)

I will try a few things out when I am on-site so as not to break my remote connection

ok. just keep in mind that there were fixes after 21.1.2.
https://github.com/opnsense/core/issues/4753
fixed by #2696e42 and #8953d03

[Taomyn]

I will try a few things out when I am on-site so as not to break my remote connection

ok. just keep in mind that there were fixes after 21.1.2.
https://github.com/opnsense/core/issues/4753
fixed by #2696e42 and #8953d03

Is it possible for me to pull those fixes down for my install? I think I've done this before but I can't remember how it's done.

[Fright]

https://docs.opnsense.org/manual/opnsense_tools.html#id1  ;)

[Taomyn]

https://docs.opnsense.org/manual/opnsense_tools.html#id1  ;)

Thanks, and bookmarked  8)