Topic: Firewall rules changed on reboot (Read 2215 times)
dibun
on: April 11, 2019, 05:50:57 pm
I have HW from PC Engines and it has 3 ports:
1. WAN (1st port) wan/igb0
2. LAN (2nd port) opt1/igb1
3. DMZ (3rd port) opt2/igb2
4. Guest (VLAN 10 on LAN port) opt4/igb1_vlan10
Recently, during one of the reboots, the LAN traffic started flowing via the Guest VLAN and everything got blocked. The only way to allow it is to shut down the firewall or allow LAN net firewall rules under the guest VLAN.
I did a reinstall and configured from scratch and it worked, but now it has happened again after the reboot.
I am running the latest production release.
igb1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=400b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO>
    ether 00:0d:b9:51:0b:fd
    hwaddr 00:0d:b9:51:0b:fd
    inet6 fe80::20d:b9ff:fe51:bfd%igb1 prefixlen 64 scopeid 0x2
    inet 10.1.1.1 netmask 0xffffff00 broadcast 10.1.1.255
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
igb1_vlan10: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 00:0d:b9:51:0b:fd
    inet6 fe80::20d:b9ff:fe51:bfd%igb1_vlan10 prefixlen 64 scopeid 0x9
    inet 10.2.1.1 netmask 0xffffff00 broadcast 10.2.1.255
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
    vlan: 10 vlanpcp: 0 parent interface: igb1
    groups: vlan
Export from backup XML
LAN rule
----------------------
<rule>
  <type>pass</type>
  <interface>opt1</interface>
  <ipprotocol>inet</ipprotocol>
  <statetype>keep state</statetype>
  <descr>HTTP</descr>
  <protocol>tcp</protocol>
  <source>
    <network>opt1</network>
  </source>
  <destination>
    <any>1</any>
    <port>80</port>
  </destination>
  <updated>
    <username>root@10.1.1.5</username>
    <time>1554540266.7673</time>
    <description>/firewall_rules_edit.php made changes</description>
  </updated>
  <created>
    <username>root@10.1.1.5</username>
    <time>1554540266.7673</time>
    <description>/firewall_rules_edit.php made changes</description>
  </created>
</rule>
Guest VLAN
--------------
<rule>
  <type>pass</type>
  <interface>opt4</interface>
  <ipprotocol>inet</ipprotocol>
  <statetype>keep state</statetype>
  <descr>Default allow LAN to any rule</descr>
  <source>
    <network>opt4</network>
  </source>
  <destination>
    <any>1</any>
  </destination>
  <updated>
    <username>root@192.168.1.4</username>
    <time>1553809108.1252</time>
    <description>/firewall_rules_edit.php made changes</description>
  </updated>
  <created>
    <username>root@192.168.1.4</username>
    <time>1553809108.1252</time>
    <description>/firewall_rules_edit.php made changes</description>
  </created>
  <disabled>1</disabled>
</rule>
Any help is really appreciated
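One way to check whether interface assignments or rules actually differ between two configuration backups, such as one exported before and one after a reboot like the one described in this post. This is an added example, not part of the original post and not OPNsense code; the `<interfaces>` layout, both sample documents and the function names `summarize` and `drift` are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample backup. <filter><rule> fields follow the export in the
# post; the <interfaces> layout is an assumption about the rest of the file.
BEFORE = """<opnsense>
  <interfaces>
    <opt1><if>igb1</if><descr>LAN</descr></opt1>
    <opt4><if>igb1_vlan10</if><descr>Guest</descr></opt4>
  </interfaces>
  <filter>
    <rule><type>pass</type><interface>opt1</interface><descr>HTTP</descr>
      <source><network>opt1</network></source>
      <destination><any>1</any><port>80</port></destination></rule>
    <rule><type>pass</type><interface>opt4</interface>
      <descr>Default allow LAN to any rule</descr>
      <source><network>opt4</network></source>
      <destination><any>1</any></destination><disabled>1</disabled></rule>
  </filter>
</opnsense>"""
# Constructed "after" copy: devices of opt1/opt4 swapped, opt4 rule enabled.
AFTER = (BEFORE.replace("<if>igb1</if>", "<if>TMP</if>")
               .replace("<if>igb1_vlan10</if>", "<if>igb1</if>")
               .replace("<if>TMP</if>", "<if>igb1_vlan10</if>")
               .replace("<disabled>1</disabled>", ""))

def summarize(xml_text):
    """Return ({interface: device}, {rule fingerprint}); timestamps ignored."""
    root = ET.fromstring(xml_text)
    ifaces = {n.tag: n.findtext("if") for n in root.find("interfaces")}
    rules = {(r.findtext("interface"), r.findtext("type"),
              r.findtext("source/network") or "any",
              r.findtext("destination/port") or "any",
              "disabled" if r.find("disabled") is not None else "enabled",
              r.findtext("descr", ""))
             for r in root.findall("filter/rule")}
    return ifaces, rules

def drift(before, after):
    """List human-readable differences between two backups."""
    (if_a, rules_a), (if_b, rules_b) = summarize(before), summarize(after)
    out = []
    for name in sorted(set(if_a) | set(if_b)):
        if if_a.get(name) != if_b.get(name):
            out.append(f"interface {name}: {if_a.get(name)} -> {if_b.get(name)}")
    out += [f"rule removed: {r}" for r in sorted(rules_a - rules_b)]
    out += [f"rule added: {r}" for r in sorted(rules_b - rules_a)]
    return out

if __name__ == "__main__":
    print("\n".join(drift(BEFORE, AFTER)))
```

The `<updated>` and `<created>` blocks are left out of the rule fingerprint on purpose, so an edit that only touches timestamps does not show up as drift.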