Topic: [SOLVED] floating rule not working... Anybody? (Read 1228 times)
manilx
Jr. Member
Posts: 88
Karma: 4
[SOLVED] floating rule not working... Anybody?
« on: September 09, 2022, 02:03:10 pm »
Hi
I have searched the forum and web and I do think I have created the rule correctly. I want to block traffic to/from an IP range on all interfaces.
Following:
https://www.allthingstech.ch/using-opnsense-and-ip-blocklists-to-block-malicious-traffic
I have created the following floating rule:
Protocol Source Port Destination Port Gateway Schedule Description
IPv4+6* * * testAlias * * * test
Doesn't work, as I can ping from the LAN to one IP of the Alias list.
I had separate rules on LAN and WAN to block outgoing and incoming traffic to the alias but I wanted to simplify with one rule instead of 2. These rules are working and blocking.
What is wrong?
« Last Edit: September 19, 2022, 09:41:23 pm by manilx »
Logged
manilx
Jr. Member
Posts: 88
Karma: 4
Re: floating rule not working
« Reply #1 on: September 09, 2022, 04:06:38 pm »
Created another test floating rule to block traffic to one specific IP.
IPv4 * * * 148.69.220.89 * * * test
Can ping from the LAN to this IP on the internet without issues!
I just don't get why this is not working.
Respective LAN and WAN rules block without issues.
Logged
twintailterror
Newbie
Posts: 11
Karma: 0
Re: floating rule not working... Anybody?
« Reply #2 on: September 15, 2022, 05:55:57 am »
I'm having the same type of issues with all rules. I tested it in pfSense and I get the reverse issue: instead of everything being open, everything is closed and won't open lol
I'm not even sure what the rules should be at this point, or maybe they are backwards, I don't know.
I once heard that since it was a server, "in" actually means out and "out" means in (so "in from" should be "vlan1", meaning go out to, and "out from" means coming into).
Logged
Greelan
Hero Member
Posts: 1028
Karma: 72
Re: floating rule not working... Anybody?
« Reply #3 on: September 15, 2022, 10:21:28 am »
The wiki and the help menu in the firewall rules explain direction for firewall rules.
Direction is assessed from the perspective of OPNsense.
So "in" means traffic coming into an interface from the network connected to that interface.
"Out" means traffic going out of an interface to the network connected to that interface.
So an "in" rule on LAN would apply to traffic coming into the LAN interface on OPNsense from devices in LAN net.
Most of the time, only "in" rules are needed.
Logged
manilx
Jr. Member
Posts: 88
Karma: 4
[SOLVED] floating rule not working... Anybody?
« Reply #4 on: September 19, 2022, 09:40:59 pm »
I had to add another set of rules for incoming. Now all traffic out/in is blocked to the respective IP lists:
IPv4 * Emerging_Threats * * * * * block Emerging Threats from
IPv4 * * * Emerging_Threats * * * block Emerging Threats to
IPv4 * CIArmy * * * * * block CIArmy from
IPv4 * * * CIArmy * * * block CIArmy to
IPv4 * Firehol_level2 * * * * * block Firehole 2 from
IPv4 * * * Firehol_level2 * * * block Firehole 2 to
IPv4 * Firehol_level3 * * * * * block Firehole 3 from
IPv4 * * * Firehol_level3 * * * block Firehole 3 to
Logged
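A simplified model of the direction semantics Greelan describes in Reply #3 and of the "from"/"to" rule pairs in Reply #4, as an added example that is not part of the original thread or of OPNsense itself. The alias name `Blocklist`, the 203.0.113.0/24 range, the host addresses, the rule directions, and the stateless, no-NAT, first-match evaluation with a default pass are all assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed stand-in for a blocklist alias (documentation range, not real list data).
ALIASES = {"Blocklist": [ip_network("203.0.113.0/24")]}

@dataclass(frozen=True)
class Rule:
    direction: str          # "in" or "out", seen from the firewall's interface
    source: str = "*"       # "*" or an alias name
    destination: str = "*"
    description: str = ""

def _matches(field, addr):
    return field == "*" or any(ip_address(addr) in net for net in ALIASES[field])

def evaluate(rules, direction, src, dst):
    """Return the first block rule matching this direction, else None (assumed default: pass)."""
    for rule in rules:
        if (rule.direction == direction and _matches(rule.source, src)
                and _matches(rule.destination, dst)):
            return rule
    return None

def forward(rules, in_if, out_if, src, dst):
    """A forwarded packet is checked "in" on the interface it arrives on,
    then "out" on the interface it leaves by. Floating rules cover every interface."""
    for iface, direction in ((in_if, "in"), (out_if, "out")):
        hit = evaluate(rules, direction, src, dst)
        if hit:
            return f"blocked {direction} on {iface}: {hit.description}"
    return "passed"

TO_ONLY = [Rule("in", destination="Blocklist", description="block to")]
PAIR = [Rule("in", source="Blocklist", description="block from")] + TO_ONLY
OUT_ONLY = [Rule("out", destination="Blocklist", description="block to (out)")]

if __name__ == "__main__":
    lan_host, bad = "192.168.1.10", "203.0.113.5"   # constructed addresses
    print(forward(TO_ONLY, "LAN", "WAN", lan_host, bad))   # LAN host -> listed IP
    print(forward(TO_ONLY, "WAN", "LAN", bad, lan_host))   # listed IP -> LAN host
    print(forward(PAIR, "WAN", "LAN", bad, lan_host))
    print(forward(OUT_ONLY, "LAN", "WAN", lan_host, bad))
```

In this model a destination-only rule never matches packets whose source is a listed address, which is why each list in Reply #4 has both a "from" and a "to" rule; the `OUT_ONLY` case shows an "out" rule acting only after the packet has already been accepted on the LAN interface.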