Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
[SOLVED]Need help understanding firewall rules
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED]Need help understanding firewall rules (Read 1595 times)
evan
Newbie
Posts: 6
Karma: 1
[SOLVED]Need help understanding firewall rules
«
on:
August 07, 2022, 05:42:37 pm »
On my LAN segment, if I create two rules, one which rejects all IN traffic and another with allows allows all OUT traffic, my outbound traffic is blocked. If I allow the IN traffic, my outbound traffic works. Almost like a stateless ACL would work.
I am pretty sure the firewall is stateful so I must be doing something wrong. I have attached a screenshot if that helps at all.
«
Last Edit: August 07, 2022, 05:45:46 pm by evan
»
Logged
evan
Newbie
Posts: 6
Karma: 1
Re: Need help understanding firewall rules
«
Reply #1 on:
August 07, 2022, 05:45:30 pm »
Oops. I figured it out. I am thinking about IN and OUT backwards because it is LAN interface.
Logged
Demusman
Sr. Member
Posts: 304
Karma: 13
Re: [SOLVED]Need help understanding firewall rules
«
Reply #2 on:
August 07, 2022, 07:56:18 pm »
It's the same for every interface, LAN is no different.
IN is traffic coming into the interface from the attached network.
OUT is traffic leaving the interface into the attached network.
Logged
evan
Newbie
Posts: 6
Karma: 1
Re: [SOLVED]Need help understanding firewall rules
«
Reply #3 on:
August 07, 2022, 08:05:03 pm »
Quote from: Demusman on August 07, 2022, 07:56:18 pm
It's the same for every interface, LAN is no different.
Yes, that is true but it is logically different when comparing to other products.
If I compare it some traditional firewalls where the directionalality isn't related to the interface but the network or the firewall.
In this case, WAN traffic coming from the outside is considered IN and traffic going to the internet is OUT. In this way, it is the same as opnsense.
In the case of LAN traffic it is typical for traffic coming into the LAN network to be considered IN but opnsense is the opposite.
Basically, I just have to reorient my brain to think about it from the perspective of the interface but I have been working with firewalls for a long time so it is going to take some mental adjustment on my part.
No big deal, all good now.
Logged
Greelan
Hero Member
Posts: 1028
Karma: 72
Re: [SOLVED]Need help understanding firewall rules
«
Reply #4 on:
August 07, 2022, 11:50:19 pm »
There's nice help text on the Direction setting to assist with reminding you
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
[SOLVED]Need help understanding firewall rules