Figure 2. Default Anti-lockout and allow LAN to any rules on OPNsense firewall

How Does OPNsense Process the Rules?

Firewall rules are evaluated in order, beginning with the Floating rules section, then all rules belonging to interface groups, and finally all interface rules. Internal (automatic) rules are usually the first to be registered.

Rules can be set to quick or not, with quick being the default setting. When a rule is set to quick, it is handled on a "first match" basis, which means that the first rule that matches the packet takes precedence over rules that follow in sequence. When quick isn't set, the last match wins. This is useful for rules that define expected behavior. For example, the OPNsense default deny rule makes use of this property (if no rule applies, drop traffic).

Because firewall rules are processed from top to bottom of the rule list, the order of the rules in the list is important. No subsequent rules are processed when the network packet matches any rule, whether it is an allow, block, or reject rule.
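The evaluation order and the quick versus last-match behaviour described above can be checked against a small model before a ruleset is reordered. This is an added example, not OPNsense code: the `Rule` class, the `evaluate` function, the rule names and the addresses are all constructed for illustration, and the default deny is modelled as a non-quick automatic rule.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Order from the text: automatic rules first, then floating, groups, interfaces.
SECTION_ORDER = {"automatic": 0, "floating": 1, "group": 2, "interface": 3}

@dataclass
class Rule:
    name: str
    section: str
    action: str                  # "pass", "block" or "reject"
    src: str                     # source network, CIDR
    dport: Optional[int] = None  # None matches any destination port
    quick: bool = True           # quick is the default setting

    def matches(self, src_ip: str, dport: int) -> bool:
        return (ip_address(src_ip) in ip_network(self.src)
                and self.dport in (None, dport))

def evaluate(rules, src_ip, dport):
    """Return (action, rule name) deciding one packet."""
    # sorted() is stable: rules keep their listed order inside a section.
    ordered = sorted(rules, key=lambda r: SECTION_ORDER[r.section])
    last_match = None
    for rule in ordered:
        if not rule.matches(src_ip, dport):
            continue
        if rule.quick:
            return rule.action, rule.name   # first match wins, stop here
        last_match = rule                   # non-quick: later matches may override
    if last_match:
        return last_match.action, last_match.name
    return "block", "no-rule-matched"       # assumption: fail closed

# Constructed ruleset (hypothetical names and addresses).
RULES = [
    Rule("lan-allow-any", "interface", "pass", "192.168.1.0/24"),
    Rule("lan-block-telnet", "interface", "block", "192.168.1.0/24", 23),
    Rule("default-deny", "automatic", "block", "0.0.0.0/0", quick=False),
    Rule("float-block-smb", "floating", "block", "0.0.0.0/0", 445),
]

if __name__ == "__main__":
    for ip, port in [("192.168.1.10", 443), ("192.168.1.10", 445),
                     ("192.168.1.10", 23), ("10.0.0.5", 80)]:
        print(ip, port, evaluate(RULES, ip, port))
```

In this model the `lan-block-telnet` rule never takes effect because it is listed after the quick `lan-allow-any` rule in the same section; listing it first makes the block apply.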