You have a handle and you want to limit access to certain IP ranges, for example private IP ranges. If your OPNsense Firewall only has one public IP address, this can't be configured by using firewall rules.
An ACL will get a named handler, with an UUID, just as subdomains do now.
The ACLs will get their own menu in the GUI.
Each ACL will be a tokenized field where a number of IPv4 or IPv6 addresses or cidr ranges can be input.
Each ACL will get an additional checkbox to invert the match if needed.
Then if enabled, they will create something like this:
Example Usecase:
You have a handle and you want to limit access to certain IP ranges, for example private IP ranges. If your OPNsense Firewall only has one public IP address, this can't be configured by using firewall rules.
An ACL will get a named handler, with an UUID, just as subdomains do now.
The ACLs will get their own menu in the GUI.
Each ACL will be a tokenized field where a number of IPv4 or IPv6 addresses or cidr ranges can be input.
Each ACL will get an additional checkbox to invert the match if needed.
Then if enabled, they will create something like this:
Example configurations for exact domains:
Example configuration for subdomains with TLS:
Example with not matcher: