Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
FW rules behavior
« previous
next »
Print
Pages: [
1
]
Author
Topic: FW rules behavior (Read 1741 times)
michaelgo
Jr. Member
Posts: 52
Karma: 1
FW rules behavior
«
on:
November 26, 2021, 03:22:05 pm »
Hi,
WAN to LAN icmp rules test shows strange behavior -
when it's off (no ping allowed) the FW blocks, seen in the live view, then i enable the rule and when applied, the ping starts immediately.
However, if i start ping WAN to LAN and disable the rule (and apply) the ping continues, and only if i stop and start ping it's blocked.
did i miss something in the settings?
The rules are applied per interface.
floating rule icmp in/out behaves the same way.
Is this by design?
thanks
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: FW rules behavior
«
Reply #1 on:
November 26, 2021, 04:12:11 pm »
hi
didn't quite understand the description. but states are also created by pf for the ICMP. when pf reloads on Apply the state is not cleared. so a icmp.first timeout is required.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
FW rules behavior
