[pfSense] EasyRule to tun0 interface.
Sebastian Moreno
smoreno.uy at gmail.com
Tue May 15 11:08:56 EDT 2012
Hi guys, I am having a problem with easyrule on a pfsense box [1].
I want to configure dynamically a few instances of OpenVPN (through command
line)
Everything works, server it's up, client connect, but I having issues with
firewall rules.
[image: block] <http://192.168.20.8:666/diag_logs_filter.php#> May 15
14:57:52 tun0 <http://192.168.20.8:666/diag_dns.php?host=192.168.100.10>
<http://192.168.20.8:666/easyrule.php?action=block&int=tun0&src=192.168.100.10>
192.168.100.10
<http://192.168.20.8:666/diag_dns.php?host=192.168.20.120>
<http://192.168.20.8:666/easyrule.php?action=pass&int=tun0&proto=icmp&src=192.168.100.10&dst=192.168.20.120&dstport=>
192.168.20.120 ICMP
This happen when I tried a ping through the tunnel.
Ok, let's put some rules here:
#easyrule pass tun0 any * * any
Invalid interface for pass rule:
#
:-(
#ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet6 fe80::208:a1ff:fe98:85d%tun0 prefixlen 64 scopeid 0x8
inet 192.168.100.1 --> 192.168.100.2 netmask 0xffffffff
nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
Opened by PID 42413
There is another way to add a rule inside shell? Or assign this interface
on pfsense web configurator and add rules via web?
Thanks in advance.
Best regards.
[1] - FreeBSD hostname 8.1-RELEASE-p4 FreeBSD 8.1-RELEASE-p4 #1: Tue Sep 13
17:28:11 EDT 2011
root at FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8
i386
--
Sebastián Moreno
http://sebastianmoreno.com.uy
Montevideo | Uruguay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pfsense.org/pipermail/list/attachments/20120515/5f550487/attachment-0001.html>
More information about the List
mailing list