Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Block WAN TCP/25
« previous
next »
Print
Pages: [
1
]
Author
Topic: Block WAN TCP/25 (Read 5502 times)
mitchskis
Newbie
Posts: 22
Karma: 1
Block WAN TCP/25
«
on:
December 30, 2016, 06:01:41 pm »
Hello,
I'm a bit perplexed. Perhaps someone can point me toward documentation.
I'm trying to block all TCP/25 traffic from transiting the WAN connection.
For the WAN firewall I set the following rule --
REJECT
Proto: TCP
Source: *
Port: *
Destination: *
Port: 25
Gateway: *
This properly rejects all incoming port tcp/25. It does not reject traffic from the LAN, OPT1, OPT2, or IPSEC interfaces. If I make rules on each LAN, OPT1, ... interface then it drops the incoming traffic. I can't seem to set any outgoing firewall rules.
Any pointers would be appreciated.
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Block WAN TCP/25
«
Reply #1 on:
December 30, 2016, 08:02:41 pm »
use a quick floating rule - you can set "in" or "out" there. Interface rules are always "in". Another idea: Use a negated destination for your rule.
Regards,
Fabian
Logged
mitchskis
Newbie
Posts: 22
Karma: 1
Re: Block WAN TCP/25
«
Reply #2 on:
December 30, 2016, 09:19:47 pm »
Thanks, this is what I was looking for.
I moved the rule to from WAN to Floating, selected all interfaces, set the Gateway to WAN_GW, and set the direction to out. This rejects all outbound SMTP traffic will allowing internetwork OPT<->LAN SMTP traffic.
Logged
mitchskis
Newbie
Posts: 22
Karma: 1
Re: Block WAN TCP/25
«
Reply #3 on:
December 30, 2016, 09:31:37 pm »
Is there any "any interface" option, or does one need to select all interfaces for each rule?
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Block WAN TCP/25
«
Reply #4 on:
December 30, 2016, 09:34:28 pm »
If you don't select an interface it is equal to any
Logged
mitchskis
Newbie
Posts: 22
Karma: 1
Floating Firewall Rules
«
Reply #5 on:
December 30, 2016, 10:02:48 pm »
Thanks!
«
Last Edit: December 30, 2016, 10:04:33 pm by mitchskis
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Block WAN TCP/25