Cannot Create Floating Rules

[pbolduc]

My "deny" floating rules do not appear to be applying to outbound LAN traffic destined to the WAN interface.

[fabian]

Your screenshot says the opposite: Everything s there. Floating rules allow the selection for a single, multiple or even all interfaces. You can also choose the direction here.

[pbolduc]

Thank you, sorry for deleting my post. It has been a while since I have been playing with the settings in OPNSense and I forgot how it was suppose to behave. I thought if I moved my LAN firewall block policies to Floating I could better control the block and the direction at which they will be blocked. However, I am still unsuccessful in creating a subnet range block through the WAN port.

I thought if I had followed these instructions it would help:

Steps to block RFC1918 traffic from leaving the WAN interface:

"An additional firewall rule can be put in place to prevent RFC1918 traffic from leaking out of the WAN interface. This provides a small increase in security and privacy by preventing information about the local LAN from being routed further upstream to the ISP".

I have reason to believe that my problems maybe related to how I am attempting to create the block range. I am not using 192.168.1.0/25 but instead I'm attempting to supply a range such as 192.168.1.229-192.168.1.254. As a result I think the router is ignoring my requests.