Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    [Solved] Blocking IP camera to get online

    Firewalling
    2
    5
    346
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kilko last edited by

      I have installed squid and see that my camera is often sending request like this:

      10.04.2018 22:09:55 192.168.103.32 TCP_MISS/200 http://hzweb2.s1.seetong.com/dev/devreg.php - 121.40.148.79
      10.04.2018 22:09:53 192.168.103.32 TCP_MISS/200 http://hzweb2.s1.seetong.com/comm/getrand.php - 121.40.148.79

      10.04.2018 22:07:05 192.168.103.31 TCP_MISS/200 http://bjweb1.s1.seetong.com/dev/devregv2.php - 182.92.160.245
      10.04.2018 22:07:03 192.168.103.31 TCP_MISS/200 http://bjweb1.s1.seetong.com/comm/getrand.php - 182.92.160.245

      I have tried blocking from LAN with these IMG: LAN_RULES.png

      Why is this block not working ? or do I have to reset squid to "empty cache" first ?


      1 Reply Last reply Reply Quote 0
      • jahonix
        jahonix last edited by

        Fist of all because "WAN net" is not the internet but the transit network between you and your provider.

        If your cameras don't need to go anywhere (which they usually don't) you can just use "*" as destination.
        Create an alias for all cameras and use that one as source. Saves you two rules.

        1 Reply Last reply Reply Quote 0
        • K
          kilko last edited by

          Thank you,
          I have created alias. IMG: Alias.png

          Aha, the camera needs to access LAN and store files on the NAS drives (Synology).
          But they dont need to access the internet.

          (I have tried searching forum I see a lot of people want their camera to go online, but not able to be able to access the the local network)




          1 Reply Last reply Reply Quote 0
          • jahonix
            jahonix last edited by

            As by your rules, the cameras are on Lan already. Every traffic on lan is handled by your switch and never reaches pfSense.
            If your NAS is on your Lan (where it usually is…) everything is fine with blocking destination "*" for your cameras.

            1 Reply Last reply Reply Quote 0
            • K
              kilko last edited by

              Super!  ;D - now the blocking works :-)


              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense Plus
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy