Block port 80 traffic from lan to wan
-
I have a LAN 192.168.2.0/255.255.254.0 and I want to block the traffic of port 80 from subnet 192.168.2.0/24 to WAN. But I wonder why this is not working?
I created a rule (LAN interface) that blocks traffic with source 192.168.2.0/24 to destination port 80. But it is not working… If I put protocol ICMP instead of TCP/UDP 80 it works and blocks ping requests!
-
You are having subnet problems
your subnet is 255.255.254.0 aka /23
and rule is 255.255.255.0 aka /24
If you want to deny access of that block use ip-aliases for that many clients
-
But it works for ICMP… If subnetting was the problem the rule shouldn't work for ICMP too...
-
Maybe ICMP is blocked by non-operational rules.
Try at least to create aliases with proper mask and then try again
-
Are you running Squid?
Can you post a screenshot of your rules please - that's the easiest way of us seeing what the problem may be.
-
No I am not running squid.
This is the rule I am trying to do and I remind you that my LAN address is 192.168.2.0/23
-
That is for the OpenVPN interface, is that what you wanted?
-
No. I forgot to change it when I created the screenshot. The LAN interface I want.
-
Please post a screenshot of the actual rule, not a mockup.