🧭 1. Overview
In OPNsense, Firewall Schedules allow you to control when a firewall rule is active.
You can define specific days and time ranges during which a rule should apply.
Common use cases:
- Restrict users’ Internet access to working hours;
- Enable remote access only during weekdays;
- Block downloads during weekends;
- Automate nightly rule disabling.
Essentially, it’s a time-based control mechanism for your firewall rules.
⚙️ 2. How It Works
When a schedule is assigned to a firewall rule,
that rule is only active during the defined time window.
Outside of that window, it is automatically disabled.
Schedules are configured in:
Firewall → Settings → Schedules
🧩 3. Creating a Schedule
Step 1 – Define Schedule
Firewall → Settings → Schedules → +Add
| Field | Description |
|---|---|
| Name | e.g., WorkHours |
| Description | Explain its purpose |
| Time Range | Start and end time (e.g., 08:00–18:00) |
| Days | Select active days (e.g., Mon–Fri) |
| Color | Visual indicator for GUI display |
You can add multiple time periods per schedule (e.g., weekdays + partial weekends).
Step 2 – Apply Schedule to a Rule
Go to:
Firewall → Rules → [Interface]
Add or edit a rule, then under Advanced Options, set:
Schedule: WorkHours
The rule will automatically enable and disable based on this schedule.
Step 3 – Verify
Outside of the schedule, the rule is shown greyed out and inactive.
State entries associated with expired schedules are automatically removed.
💡 4. Example Use Cases
Example 1: Restrict Internet Access for Students
Schedule: Student_Network
Days: Mon–Fri
Time: 07:00–22:00
Applied to rule:
Source: 192.168.50.0/24
Action: Pass
Schedule: Student_Network
→ Students can access the Internet only between 7 AM and 10 PM.
Example 2: Allow VPN Access Only During Work Hours
Schedule: Office_VPN
Days: Mon–Fri
Time: 08:00–18:00
→ The VPN rule on WAN is active only during office hours.
Example 3: Block P2P Traffic on Weekends
Schedule: Block_P2P_Weekend
Days: Sat–Sun
Time: 00:00–23:59
→ Automatically blocks torrent ports every weekend.
🧠 5. Advanced Tips
| Tip | Description |
|---|---|
| Multiple time ranges | One schedule can have multiple daily segments. |
| Combine with Aliases | Target specific users, IPs, or groups. |
| Logging & Insight | Schedule transitions appear in logs and can be analyzed. |
| Auto session cleanup | When a schedule expires, related sessions are cleared automatically. |
✅ 6. Summary
Firewall Schedules bring automation and precision to your OPNsense rule management.
They allow administrators to:
- Control access based on time;
- Reduce manual rule toggling;
- Improve security and compliance.
Perfect for environments such as schools, offices, and shared networks.