Firewall rules incorrectly applied v25.1 #8406

Open
littlegreenbean33 opened this issue Mar 5, 2025 · 0 comments
Labels
support Community support

@littlegreenbean33

Please see discussion at: OPNsense Forum > English Forums > 25.1 Production Series > "[CLOSED] be aware newbie. Default deny /state violation rule"

Rule application and reporting seem to be wrong when installing Pi-hole in Proxmox with OPNsense.

To Reproduce

Install OPNsense 25.1 in Proxmox as a virtual machine.
Create a bridge to the LAN Ethernet interface.
a) Install a barebone Debian LXC container and run the Pi-hole installation scripts.
b) Install a barebone Debian LXC container, install Docker and on top install the Pi-hole Docker image.
Assign the newly created container the same bridge as OPNsense.
Create an LXC container and nginx (i.e. turnkey nginx-php-fastcgi).

Access the web portal from a browser/PC connected physically to the same switch as the Proxmox server.

Expected behavior

I can access the web interface of Pi-hole (I can't)
I can get to the landing page of the turnkey installation (yes I can)
Pi-hole traffic is logged (yes it is logged)
nginx traffic is logged (only partially ICMP/DHCP)

If I look at the firewall, log file, live view, my client/browser appears as source and not as destination when trying to reach Pi-hole.

In the attached image:

  • 192.168.33.17 is the Pi-hole container
  • 192.168.33.1 is the OPNsense VM
  • 192.168.33.190 is the client/browser
  • 192.168.33.228 is the nginx container

Screenshots

https://drive.proton.me/urls/2X352HV2G4#5RtpnXhvIj8G screenshot

Relevant log files

https://drive.proton.me/urls/R9M3N13AGW#V7GWiN9xuH9M logs

Additional context

Virtualisation with Proxmox 8.3.4

Versions
OPNsense 25.1-amd64
FreeBSD 14.2-RELEASE
OpenSSL 3.0.15

AdSchellevis added the "support" (Community support) label Mar 5, 2025