Opnsense Transparent Filtering Bridge

Aus Xinux Wiki

Version vom 10. Juni 2024, 20:00 Uhr von Thomas.will (Diskussion | Beiträge) (→‎Assign a management IP/Interface)

(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)

Zur Navigation springen Zur Suche springen

Transparent Filtering Bridge

Netplan

drawio: trans-bridge-1

Interfaces

MGMT

WAN

LAN

Disable Outbound NAT rule generation

To disable outbound NAT, go to Firewall ‣ NAT ‣ Outbound and select “Disable Outbound NAT rule generation”.

Change system tuneables

Enable filtering bridge by changing net.link.bridge.pfil_bridge from default to 1 in System ‣ Settings ‣ System Tuneables.

net.link.bridge.pfil_bridge =1

net.link.bridge.pfil_member = 0

Create the bridge

Create a bridge of LAN and WAN, go to Interfaces ‣ Other Types ‣ Bridge. Add Select LAN and WAN.

Assign a management IP/Interface

To be able to configure and manage the filtering bridge (OPNsense) afterwards, we will need to assign a new interface to the bridge and setup an IP address.

Disable Block private networks & bogon
For the WAN interface we nee to disable blocking of private networks & bogus IPs.
Go to Interfaces ‣ [WAN] and unselect Block private networks and Block bogon networks.

Quelle

https://docs.opnsense.org/manual/how-tos/transparent_bridge.html#transparent-filtering-bridge

Abgerufen von „http://wiki.ixheim.de/index.php?title=Opnsense_Transparent_Filtering_Bridge&oldid=54307“