Page MenuHomeVyOS Platform
Create Task
Maniphest T4986

Ability to filter traffic originating from the router itself via firewall
Closed, ResolvedPublicFEATURE REQUEST
Actions

Description

Ability to filter traffic originating from the router itself via firewall
Something like

set firewall interface eth* local-out

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Feature (new functionality)

Event Timeline

Viacheslav created this task.Feb 8 2023, 8:05 AM
n.fort added a subscriber: n.fort.Feb 8 2023, 2:11 PM

I would prefer a different syntax, in order to avoid the necessity attaching it to an interface. Maybe something like:

set firewall local-out rule <number> ....

Then in matching options, you can define, or not, outbound-interface.

All rules defined here will be written filter-output chain

pasik added a subscriber: pasik.Feb 8 2023, 2:11 PM
Viacheslav closed this task as Resolved.Jan 20 2024, 11:48 AM
Viacheslav claimed this task.

It seems to work :)

set firewall ipv4 output filter rule 10 action reject 
commit