[pfSense] EasyRule to tun0 interface.

Sebastian Moreno smoreno.uy at gmail.com
Tue May 15 11:08:56 EDT 2012


Hi guys, I am having a problem with easyrule on a pfsense box [1].

I want to configure dynamically a few instances of OpenVPN (through command
line)

Everything works, server it's up, client connect, but I having issues with
firewall rules.

 [image: block] <http://192.168.20.8:666/diag_logs_filter.php#> May 15
14:57:52 tun0 <http://192.168.20.8:666/diag_dns.php?host=192.168.100.10>
<http://192.168.20.8:666/easyrule.php?action=block&int=tun0&src=192.168.100.10>
 192.168.100.10
<http://192.168.20.8:666/diag_dns.php?host=192.168.20.120>
<http://192.168.20.8:666/easyrule.php?action=pass&int=tun0&proto=icmp&src=192.168.100.10&dst=192.168.20.120&dstport=>
 192.168.20.120 ICMP

This happen when I tried a ping through the tunnel.

Ok, let's put some rules here:

#easyrule pass tun0 any * * any
Invalid interface for pass rule:
#

:-(

#ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
 options=80000<LINKSTATE>
inet6 fe80::208:a1ff:fe98:85d%tun0 prefixlen 64 scopeid 0x8
 inet 192.168.100.1 --> 192.168.100.2 netmask 0xffffffff
nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
 Opened by PID 42413


There is another way to add a rule inside shell? Or assign this interface
on pfsense web configurator and add rules via web?

Thanks in advance.
Best regards.

[1] - FreeBSD hostname 8.1-RELEASE-p4 FreeBSD 8.1-RELEASE-p4 #1: Tue Sep 13
17:28:11 EDT 2011
root at FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8
 i386

--
Sebastián Moreno
http://sebastianmoreno.com.uy
Montevideo | Uruguay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pfsense.org/pipermail/list/attachments/20120515/5f550487/attachment-0001.html>


More information about the List mailing list