Firewall rule direction question

Started by Blade3, April 17, 2022, 04:44:29 PM

Hi guys,

Using OPNsense and it works well. Bit of a basic question, but I am confused by rule direction (in/out).

For example, I have a server behind my LAN interface which I want to be able to ping a server behind my DMZ interface. For this, what would the rule configuration be in terms of direction? As traffic goes LAN > Firewall > DMZ, I always assumed inbound for DMZ.

Thanks

No, inbound on LAN

Traffic direction is explained in the OPNsense docs, and also in the help text for the direction option in the firewall rule config:

Direction of the traffic. Traffic IN is coming into the firewall interface, while traffic OUT is going out of the firewall interface. In visual terms: [Source] -> IN -> [Firewall] -> OUT -> [Destination]. The default policy is to filter inbound traffic, which means the policy applies to the interface on which the traffic is originally received by the firewall from the source. This is more efficient from a traffic processing perspective. In most cases, the default policy will be the most appropriate.
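
An added example (not part of the original posts, and not OPNsense code): a small Python model of the [Source] -> IN -> [Firewall] -> OUT -> [Destination] path from the help text, showing why a rule on "DMZ in" never sees LAN-to-DMZ traffic. The addresses, the `Rule`, `hooks`, `forward` and `ping` names, and the simplified policy (default deny on IN, OUT passed, stateful replies) are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    iface: str      # interface the rule is attached to
    direction: str  # "in" or "out", relative to the firewall interface
    src: str
    dst: str
    proto: str

# Constructed topology: which firewall interface each host sits behind.
HOST_IFACE = {"10.0.1.10": "LAN", "10.0.2.20": "DMZ"}

def hooks(src, dst):
    """Filter points a forwarded packet crosses: IN on the source-side
    interface first, then OUT on the destination-side interface."""
    return [(HOST_IFACE[src], "in"), (HOST_IFACE[dst], "out")]

def forward(rules, states, src, dst, proto):
    """Return (allowed, trace). Assumed model: stateful, default deny on IN,
    OUT passed unless filtered, replies to an existing state pass."""
    if (dst, src, proto) in states:
        return True, ["reply matches existing state"]
    trace = []
    for iface, direction in hooks(src, dst):
        hit = any(r == Rule(iface, direction, src, dst, proto) for r in rules)
        trace.append(f"{iface} {direction}: {'rule match' if hit else 'no rule'}")
        if direction == "in" and not hit:
            return False, trace + ["blocked by default deny"]
    states.add((src, dst, proto))
    return True, trace

def ping(rules, src="10.0.1.10", dst="10.0.2.20"):
    """Echo request src -> dst, then the echo reply dst -> src."""
    states = set()
    req_ok, req_trace = forward(rules, states, src, dst, "icmp")
    rep_ok, _ = forward(rules, states, dst, src, "icmp") if req_ok else (False, [])
    return req_ok and rep_ok, req_trace

if __name__ == "__main__":
    for name, iface in (("rule on DMZ in", "DMZ"), ("rule on LAN in", "LAN")):
        ok, trace = ping([Rule(iface, "in", "10.0.1.10", "10.0.2.20", "icmp")])
        print(f"{name}: ping {'works' if ok else 'fails'}; {trace}")
```

In this model the same LAN-in rule does not let the DMZ server start a ping toward the LAN server: that request enters on DMZ, so it would need its own inbound rule there.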