OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • Cannot Create Floating Rules
« previous next »
  • Print
Pages: [1]

Author Topic: Cannot Create Floating Rules  (Read 2154 times)

pbolduc

  • Newbie
  • *
  • Posts: 42
  • Karma: 4
    • View Profile
Cannot Create Floating Rules
« on: April 22, 2017, 12:14:27 am »
My "deny" floating rules do not appear to be applying to outbound LAN traffic destined to the WAN interface.
« Last Edit: April 22, 2017, 01:18:38 am by pbolduc »
Logged

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: Cannot Create Floating Rules
« Reply #1 on: April 22, 2017, 12:19:18 am »
Your screenshot says the opposite: Everything s there. Floating rules allow the selection for a single, multiple or even all interfaces. You can also choose the direction here.
Logged

pbolduc

  • Newbie
  • *
  • Posts: 42
  • Karma: 4
    • View Profile
Cannot Create Floating Rules
« Reply #2 on: April 22, 2017, 12:41:09 am »
Thank you, sorry for deleting my post. It has been a while since I have been playing with the settings in OPNSense and I forgot how it was suppose to behave. I thought if I moved my LAN firewall block policies to Floating I could better control the block and the direction at which they will be blocked. However, I am still unsuccessful in creating a subnet range block through the WAN port.

I thought if I had followed these instructions it would help:

Steps to block RFC1918 traffic from leaving the WAN interface:

"An additional firewall rule can be put in place to prevent RFC1918 traffic from leaking out of the WAN interface. This provides a small increase in security and privacy by preventing information about the local LAN from being routed further upstream to the ISP".

I have reason to believe that my problems maybe related to how I am attempting to create the block range. I am not using 192.168.1.0/25 but instead I'm attempting to supply a range such as 192.168.1.229-192.168.1.254. As a result I think the router is ignoring my requests.
« Last Edit: April 22, 2017, 01:57:58 am by pbolduc »
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • Cannot Create Floating Rules
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2