[SOLVED] Bug or feature: selection all / no interfaces in a floating rules

Started by imagmbh, April 16, 2021, 05:20:04 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 16, 2021, 05:20:04 PM Last Edit: April 20, 2021, 05:15:53 PM by imagmbh
Hello,

we found an irritating beaviour: Creating a floating rule and selecting the the correct interface (WAN) or all interfaces for the the rule (e.g. IN-Rule for Port 443 for configuration) results in a non-accessibility of the configuration page. Explicit selecting none interfaces ("Select Interfaces ...") results in the desired behavior, the configuration page ist accessible from the WAN-side.

We find this behavior illogical, is it a bug or a feature?

Martin
ima GmbH, Bochum.
Wir kümmern uns um Ihre EDV und sind in allen Fragen
Rund um die IT Ihr Ansprechpartner
April 16, 2021, 06:23:14 PM #1
Quotethe configuration page ist accessible from the WAN-side
wow
Quoteresults in a non-accessibility of the configuration page
testing from host in wan subnet or behind gateway?
April 19, 2021, 04:06:49 PM #2
It was tested from a host in the WAN-Subnet.
ima GmbH, Bochum.
Wir kümmern uns um Ihre EDV und sind in allen Fragen
Rund um die IT Ihr Ansprechpartner
April 19, 2021, 04:10:49 PM #3
in this case it is a feature )
look for reply-to directive in this rule (Firewall: Diagnostics: pfInfo: Rules). response packets are sent to the router mac.
April 20, 2021, 05:13:00 PM #4
Thanks for your answer and your hint!
ima GmbH, Bochum.
Wir kümmern uns um Ihre EDV und sind in allen Fragen
Rund um die IT Ihr Ansprechpartner
Print
Go Up Pages1
User actions