Managing Zenarmor Policies on OPNsense
To manage Zenarmor (Sensei) policies on your OPNsense firewall, navigate to the
Zenarmor - Sensei →
Advanced policy-based filtering is one of the most-loved features of Zenarmor.
Figure 1. Policy List View
With Filtering Policies you can:
- View the list of the policies
- View the status of the policies
- View the status and profiles of the Security, Application & Web Controls
- Enable/Disable a policy
- Edit/Delete/Pause/Clone a policy
- Reorder the policies
To configure the policies, you must first navigate to
Policies in OPNsense GUI.
In the Policy List View, where all your policies are listed, you can carry out the following management tasks:
- Enabling or Disabling
1. Policy Status Enabling/Disabling
You can change the status of the Policy to
Disabled by clicking on the toogle button shown in figure 2.
Figure 2. Policy Status
2. Editing a Policy
Small Orange Pen icon for editing the existing policy.
3. Deleting Policy
- (minus) icon for deleting the existing Policy.
When you try to delete a pop-up message box will appear to ask “Are you sure”.
Figure 3. Delete Policy Warning
4. Pausing Network Access for a Policy
|| (small pause) icon for stopping policy run.
When you try to pause the policy run a pop-up message box will appear to ask “Are you sure you want to continue?”
Figure 4. Pause Policy Warning
5. Cloning a Policy
small clone icon to create a copy of a policy. When you click on the
clone icon, a pop-up message box will prompt you for changing the policy name.
Figure 5. Cloning a Policy
6. Ordering Policies
Figure 6. Ordering Policies
To change the order of policies in the system, use the “Up or Down” small orange icon (Shown in figure 6).
The order of policies is important for applying rules. The policy which is displayed at the top of the list is evaluated and applied first if matched. The default policy is the fall-back policy which gets applied if no other policies are matching. The default policy’s configuration can not be edited, deleted. It cannot be moved up or down. You can still customize the Security / App / Web Control rules for the Default Policy Security - App Controls - Web Controls tab can be configured.
In the Free Edition, since there’s a single Default Policy, you should customize your rules under the Default Policy.