Rule not shown in pfctl

Started by Gandalf2434, October 02, 2021, 05:52:28 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 02, 2021, 05:52:28 PM
Hey there,
I deactivated the automatic anti-lockout-rules because they were put only on my IoT-VLAN-Interface (which doesn't make much sense). I have a seperate vlan for management-purpose (vlan90 and the OpnSense listens there on IP 10.10.90.1/24 for https and ssh). So I wanted to create my own anti-louckout-rules to allow my trusted network (vlan10 10.10.10.0/24) to connect there.
I created the following rules for my "Trusted" interface (see also attachment).

Code Select

PASS in quick IPv4 TCP Trusted net * 10.10.90.1 443 (HTTPS) * * /!\ ANTI LOCKOUT /!\
PASS in quick IPv4 TCP Trusted net * 10.10.90.1 22 (SSH) * * /!\ ANTI LOCKOUT /!\


Well the rule for https is working, I can connect to the WebGui. But the rule for ssh is not working. That said I logged in to the OpnSense and did a
Code Select
pfctl -s rules and found that the ssh-rule isn't even there. I only find the rule for https:
Code Select
pass in quick on lagg0_vlan10 inet proto tcp from (lagg0_vlan10:network) to 10.10.90.1 port = https flags S/SA keep state label "347979aabfc8b8e68a6b5c3fccb9ee7e" but no rule for the ssh traffic.

Code Select
root@opnsense:~ # pfctl -s rules | grep 10.10.90.1
pass in quick on lagg0_vlan10 inet proto tcp from (lagg0_vlan10:network) to 10.10.90.1 port = https flags S/SA keep state label "347979aabfc8b8e68a6b5c3fccb9ee7e"

Could you give me a hint what  could do?! I already edited the rule several time, pushed it to different places in the ruleset and even did a reboot.

Thanks for your help, cause I feel not very confident.
October 02, 2021, 06:08:55 PM #1
Well it seems as OpnSense does not like to see backslashes in Descriptions...
I first thought so and changed the description of the rule, but nothing changed. (Of course I applied the changes every time). Then I created a new rule with a different desctiption (without special characters) and it was working. Deleted the old rule, changed the description of the new one to
Code Select
/!\ ANTI LOCKOUT /!\ and it was gone again.....
So... you have to be careful choosing descriptions.
Print
Go Up Pages1
User actions