Archive > 20.1 Legacy Series

Wildcard hosts in Firewall alias

Pfirepfox:
Hi All,

It seems as if the alias "Hosts" lists under the Firewall do not accept wildcard entries. I have tried using "*.domain.com" and ".domain.com" but neither appears to work and I can't find any documentation on this.

What is the syntax to allow wildcards in Firewall Aliases?

nothing:
I don't think that's possible at all :)

Imagine how the firewall works - when you enter an FQDN, the engine resolves it to an IP (or IPs) and creates the rules. There might be a configured refresh time to update the resolving table. So how would you imagine resolving *.domain.tld? :)

Depending on the desired results, you should consider a different approach.

Pfirepfox:
Multiple firewall vendors have the ability to do this, so I am not too sure if it is an engine limitation or just hasn't been developed yet for OPNsense.

I need to add 500+ hosts as an alias list which are all near identical, e.g. syd01.media.com, syd02.media.com etc...

What is the best way to achieve this other than copying and pasting it 500+ times?

hbc:
If these are webpages, you can block via proxy and regex.

syd[0-9][0-9]\.media\.com
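
Added example, not part of any post in this thread: a check of the regex above against the 500+ host range described earlier, plus a generator for the explicit host list as an alternative to pasting by hand. The numbering syd01 to syd500, the anchored pattern, the lookalike names and the unanchored-search matching behaviour are assumptions made for illustration.

```python
import re

# Pattern exactly as posted in the thread: unanchored, exactly two digits.
POSTED = r"syd[0-9][0-9]\.media\.com"
# Assumed tightening (not from the thread): anchored, two or three digits.
ANCHORED = r"^syd[0-9]{2,3}\.media\.com$"


def expand_hosts(prefix, domain, first, last, width=2):
    """Build prefixNN.domain names, zero-padded to `width`, one per number."""
    return [f"{prefix}{n:0{width}d}.{domain}" for n in range(first, last + 1)]


def uncovered(pattern, hosts):
    """Intended hosts the pattern misses (assumes unanchored search matching)."""
    rx = re.compile(pattern)
    return [h for h in hosts if not rx.search(h)]


def overmatched(pattern, candidates):
    """Unintended names the pattern still matches."""
    rx = re.compile(pattern)
    return [h for h in candidates if rx.search(h)]


# Assumed range: the thread only says "500+" hosts named syd01, syd02, ...
HOSTS = expand_hosts("syd", "media.com", 1, 500)

# Constructed lookalike names that are not part of the intended host set.
LOOKALIKES = [
    "syd01.media.com.example.net",
    "notsyd01.media.com",
    "syd01.media.community",
]

if __name__ == "__main__":
    print("posted pattern misses:", len(uncovered(POSTED, HOSTS)), "of", len(HOSTS))
    print("posted pattern also matches:", overmatched(POSTED, LOOKALIKES))
    print("anchored pattern misses:", len(uncovered(ANCHORED, HOSTS)))
    print("anchored pattern also matches:", overmatched(ANCHORED, LOOKALIKES))
    # One name per line, ready to paste or import as explicit alias entries.
    print("\n".join(HOSTS[:3]), "...", sep="\n")
```

With two fixed digit positions the posted pattern stops at syd99, and without anchors it also matches names that merely contain the string.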
