Topic: Solved - Blocking established connections? (Read 910 times)
pablo (Newbie, Posts: 16, Karma: 1)
Solved - Blocking established connections?
« on: April 29, 2023, 06:47:29 pm »
Hi,
I've set up a single, scheduled IP blocking rule on my LAN. It works for new connections but it does not block an established connection.
I tried with and without Firewall > Settings > Advanced > Schedule States checked.
How would I go about blocking established connections?
I've searched the forum and I didn't get any hits. It's possible that my searching-fu isn't all that great. :\
Thx!
« Last Edit: April 30, 2023, 12:40:02 am by pablo »
cookiemonster (Hero Member, Posts: 1823, Karma: 95)
Re: Blocking established connections?
« Reply #1 on: April 29, 2023, 10:51:10 pm »
Firewall > Diagnostics > States | Actions : Reset state table
But it resets all connections, not just the ones you might want new rules to apply to, as far as I can see. I think there has been discussion of it in the past, but right now it is an action on all connections.
pablo (Newbie, Posts: 16, Karma: 1)
Re: Blocking established connections?
« Reply #2 on: April 29, 2023, 11:14:42 pm »
Thx! Any way to make it programmatic? I suppose I could try a curl/cron from another machine....
Edits
I should have done a better search. I found how to do it via the CLI:
Code:
/sbin/pfctl -F state
For others, here's the source of the above and how to automate it:
https://forum.opnsense.org/index.php?topic=10740.0
« Last Edit: April 30, 2023, 12:39:40 am by pablo »
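An added example, not part of the thread or of OPNsense: `/sbin/pfctl -F state` flushes every state, whereas pfctl's `-k` option kills only the states that match a host. The script below builds those targeted commands for the hosts a scheduled block rule covers; the addresses and the `BLOCKED_HOSTS`, `DRY_RUN` and `PFCTL` variable names are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not from the thread): kill pf states only for the hosts a
# scheduled block rule covers, instead of flushing the whole table.
# BLOCKED_HOSTS, DRY_RUN and the addresses are constructed/assumed names.
BLOCKED_HOSTS="${BLOCKED_HOSTS:-192.168.1.50 192.168.1.51}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the commands only, 0 = run them (root)
PFCTL="${PFCTL:-/sbin/pfctl}"

# Accept only dotted-quad IPv4 so nothing else is ever passed to pfctl.
is_ipv4() {
    case "$1" in
        ''|.*|*.|*..*|*[!0-9.]*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Two commands per host: states it originated, then states opened towards
# it (a prefix length of 0 is pfctl's wildcard for the first -k).
kill_cmds_for() {
    printf '%s -k %s\n' "$PFCTL" "$1"
    printf '%s -k 0.0.0.0/0 -k %s\n' "$PFCTL" "$1"
}

# Print (dry run) or execute the commands for each valid host in the list.
# Returns 1 if any entry was rejected.
kill_blocked_states() {
    rc=0
    for host in $1; do
        if ! is_ipv4 "$host"; then
            echo "skipping invalid address: $host" >&2
            rc=1
            continue
        fi
        kill_cmds_for "$host" | while read -r cmd; do
            if [ "$DRY_RUN" = 1 ]; then echo "$cmd"; else $cmd; fi
        done
    done
    return "$rc"
}

kill_blocked_states "$BLOCKED_HOSTS"
```

With `DRY_RUN=0` the script has to run as root on the firewall, at the time the schedule starts blocking.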