Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Block IP address

    Firewalling
    3
    3
    1.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      aven
      last edited by

      I have a certain IP address originating in China accessing my newly added webserver referring from a proxy site; I want to drop its packets, however when I added a rule in the firewall WAN section to drop packets, I still see their address logged in my httpd logs.

      Alright, actually, in the past couple minutes, I was looking, and came up with what might be my own answer, but I'd like to be sure.

      The rules to drop the packets were added at the bottom of the list, after the triggering for my httpd ports; I now remember reading somewhere that the rules are read in order, so this would make sense. I moved them to the top of the list.

      Now, will that solve my problem? Just by adding rules to drop packets from that certain IP address, at the TOP of the WAN firewall rules. I haven't modified anything in the NAT section.

      Sorry to possibly waste a thread, but I want to be sure that I'm doing this correctly.

      Thank you!

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        yup that should do it

        /F

        1 Reply Last reply Reply Quote 0
        • jahonixJ
          jahonix
          last edited by

          You may have to reset the states in order to have this host banned. Actve states will not be reset otherwise.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.