block ip with multi wan ip
i have on my pfsense 4 WAN IP address, i want if someone send packet to my second WAN IP, it automatically block him
does it possible?
Not sure I understand the question. All traffic arriving at a WAN address will be blocked by default.
Do you mean from the inside? What sort of block do you want there?
for example my wan IP 22.214.171.124 with subnet 255.255.255.248
now i want everyone who try to get 126.96.36.199 going be block if it wan or lan.
i dont want block all IPs , i need it block automatically only who send a traffic to this IP (188.8.131.52)
and do blacklist with this IPs, does it possible?
You could probably do that with a custom rule in Snort. Trigger on any traffic with destination 184.108.40.206.
I assume those are just example IPs since that's public address space.
thank you, it working.
for archive this my custom rules:
drop tcp $EXTERNAL_NET any -> 220.127.116.11/32 any (msg:"Ignore all traffic"; sid: 1;)
drop udp $EXTERNAL_NET any -> 18.104.22.168/32 any (msg:"Ignore all traffic"; sid: 1;)