Skip to main content

Managing Policies

To manage Zenarmor (Sensei) policies on your OPNsense firewall, navigate to the Zenarmor - SenseiPolicies.

Policy Management#

Advanced policy-based filtering is one of the most-loved features of Zenarmor.

Policy List View

Figure 1. Policy List View

With Filtering Policies you can:

  • View the list of the policies
  • View the status of the policies
  • View the status and profiles of the Security, Application & Web Controls
  • Enable/Disable a policy
  • Edit/Delete/Pause/Clone a policy
  • Reorder the policies

To configure the policies, you must first navigate to ZenarmorPolicies in OPNsense GUI.

Policy Actions#

In the Policy List View, where all your policies are listed, you can carry out the following management tasks:

  1. Enabling or Disabling
  2. Editing
  3. Deleting
  4. Pausing
  5. Cloning
  6. Ordering

1. Policy Status Enabling/Disabling#

You can change the status of the Policy to Enabled or Disabled by clicking on the toogle button shown in figure 2.

Policy Status

Figure 2. Policy Status

2. Editing a Policy#

Use the Small Orange Pen icon for editing the existing policy.

3. Deleting Policy#

Use the - (minus) icon for deleting the existing Policy.

When you try to delete a pop-up message box will appear to ask “Are you sure”.

Delete Policy warning

Figure 3. Delete Policy Warning

4. Pausing Network Access for a Policy#

Use the || (small pause) icon for stopping policy run.

When you try to pause the policy run a pop-up message box will appear to ask “Are you sure you want to continue?”

pause policy warning

Figure 4. Pause Policy Warning

5. Cloning a Policy#

Use the small clone icon to create a copy of a policy. When you click on the clone icon, a pop-up message box will prompt you for changing the policy name.

Clone Policy

Figure 5. Cloning a Policy

6. Ordering Policies#

order

Figure 6. Ordering Policies

To change the order of policies in the system use the “Up or Down” small orange icon (Shown in figure 6).

warning

The order of policies is important for applying rules. The policy which is displayed at the top of the list is evaluated and applied first if matched. The default policy is the fall-back policy which gets applied if no other policies are matching. The default policy’s configuration can not be edited, deleted. It cannot be moved up or down. You can still customize the Security / App / Web Control rules for the Default Policy Security - App Controls - Web Controls tab can be configured.

info

In the Free Edition, since there’s a single Default Policy, you should customize your rules under the Default Policy.