You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Block rule make pass for idk why reason. Block rule block "bad" ip, no mater of port right? That weird.
Blocked rule:
Passed rule:
If is it true pass but it's blocked and it's wrong in gui or its pass.
Float?
disabled it on float but it come back on another rule...
err...
ok look at rule "Nie Polska" with should filter out everything outside Poland IPs using GEOIP
and ip 179.60.147.138 (Venezuela (VE)) looks like outside but it pass...
maybe roule? lets go to rid
looks good, we looking for invert of "Polska"
Alias "Polska":
in csv geolite2 i see match
TL DR
why it pass but it should block? Block rule on top. Label and ruleid is from BLOCK rule but it make PASS.
There seems to be a bit of NAT being involved so I'd like to ask you to recheck with the 24.7.10 kernel. A number of pflog related bugs surfaced recently.
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Describe the bug
Versions
OPNsense 24.7.9_1-amd64
FreeBSD 14.1-RELEASE-p6
OpenSSL 3.0.15
Block rule make pass for idk why reason. Block rule block "bad" ip, no mater of port right? That weird.
Blocked rule:
Passed rule:
If is it true pass but it's blocked and it's wrong in gui or its pass.
Float?
disabled it on float but it come back on another rule...
err...
ok look at rule "Nie Polska" with should filter out everything outside Poland IPs using GEOIP
and ip 179.60.147.138 (Venezuela (VE)) looks like outside but it pass...
maybe roule? lets go to rid
looks good, we looking for invert of "Polska"
Alias "Polska":
in csv geolite2 i see match
TL DR
why it pass but it should block? Block rule on top. Label and ruleid is from BLOCK rule but it make PASS.
Tip: to validate your setup was working with the previous version, use opnsense-revert (https://docs.opnsense.org/manual/opnsense_tools.html#opnsense-revert)
Can't do it.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
all traffic is blocked from "bad" ip
need more?
The text was updated successfully, but these errors were encountered: