Block IP address



  • I have a certain IP address originating in China accessing my newly added webserver referring from a proxy site; I want to drop its packets, however when I added a rule in the firewall WAN section to drop packets, I still see their address logged in my httpd logs.

    Alright, actually, in the past couple minutes, I was looking, and came up with what might be my own answer, but I'd like to be sure.

    The rules to drop the packets were added at the bottom of the list, after the triggering for my httpd ports; I now remember reading somewhere that the rules are read in order, so this would make sense. I moved them to the top of the list.

    Now, will that solve my problem? Just by adding rules to drop packets from that certain IP address, at the TOP of the WAN firewall rules. I haven't modified anything in the NAT section.

    Sorry to possibly waste a thread, but I want to be sure that I'm doing this correctly.

    Thank you!



  • yup that should do it

    /F



  • You may have to reset the states in order to have this host banned. Actve states will not be reset otherwise.


Log in to reply