automatically generated rules missing in Rules [new], still avauilable [SOLVED]

Started by knowHoff, April 22, 2026, 05:56:32 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 22, 2026, 05:56:32 PM Last Edit: Today at 02:03:27 PM by knowHoff
Dear people,

after migrating "Rules" to "Rules[new]" within OPNsense 26.1.5
I was looking for those very helpful basic rules like

.sshlockout
.allow access to DHCP server
.Default deny / state violation rule
etc.

only to find them within "Rules" (old rules) in LAN, WAN, etc.

I saw here, that these rules should have been ported to "Rules [new]".

The official documentation does not mention automatically generated within Rules [new],
only within Rules (4.)

Therefore I'm worried, that as soon as Rules are removed, this will also remove the Basic, important rulesets all along within LAN and WAN.

What has to be done now?
Am I missing something?

Cheers
2x Zotac ZBOX CI327
2x FritzBox 7490 configured as VDSL Modem
ISPs: Telekom & O2
April 22, 2026, 06:10:58 PM #1
Click on "Inspect" to view them. The new and the old rule interface simply display them, since they cannot be changed by the user, anyway.

There is nothing "old" or "new" about the rules. These are simply two different UIs to the very same subsystem. The old one going to be removed, eventually.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Today at 01:58:05 PM #2
Thanks a lot Patrick, good to know!
I've checked the rules and found them there.

I just hope, that this change will last.
Quote from: Patrick M. Hausen on April 22, 2026, 06:10:58 PMThe old one going to be removed, eventually.


off topic:
After being an early adopter of KEA DHCP,  being afraid of continues use of ISC back then,
I regret the move nowadays, since I did not find a comparable migration tool to come back to ISC.
Someday I'll take the time to either learn howto use dnsmasq or switch back to ISC manually.

Cheers
2x Zotac ZBOX CI327
2x FritzBox 7490 configured as VDSL Modem
ISPs: Telekom & O2
Today at 03:00:53 PM #3
Quote from: knowHoff on Today at 01:58:05 PMAfter being an early adopter of KEA DHCP,  being afraid of continues use of ISC back then,
I regret the move nowadays, since I did not find a comparable migration tool to come back to ISC.
Someday I'll take the time to either learn howto use dnsmasq or switch back to ISC manually.
You can Import/Export all your Static DHCP Mappings to .CSV files if that is what you are worried about ;)

Moving from ISC to KEA was like 5 to 10 minutes of work here and should I ever need to switch to DNSmasqd at some point for whatever reason I expect the same...
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
Print
Go Up Pages1
User actions