IPv4 Block list not working as anticipated



  • Using PfBlockerNG-devel V2.2.5_23 on 2.4.4-RELEASE-p3 (amd64) built on Wed May 15 18:53:44 EDT 2019 FreeBSD 11.2-RELEASE-p10 (i.e. latest version)

    Within PfblockerNG under IP/IPv4 I have created some block lists based on ASN numbers which appear to be operating correctly as configured.

    However, one of these lists, which relates to Microsoft ASNs, I wish to reconfigure so that it continues to block (Deny Both) all connections with the exception of three clients on my local network which are members of a new alias I have created called (rather unoriginally) AllowMicrosoftAccess.

    I have attempted to configure the Advanced Outbound Firewall Rules Settings within the Microsoft IPv4 such that a Custom Source (which is defined as my AllowMicrosoftAccess alias) is not blocked by the floating rule which is automatically created once updated/force reload IP is run.

    I have reset the firewall state post running update force reload.

    Firewall: pfBlockerNG: IP: IPv4 Advanced Config.png

    I can see a relevant floating rule which appears to be configured as anticipated, but unfortunately the alias member clients are still being blocked by the IPv4 rule.

    Selection_003.png

    I wonder if I am misunderstanding the functionality of this section and attempting the impossible.


  • Moderator

    @farrina
    Try to change the protocol to "TCP/UDP"?



  • That sorted it, thanks - now why did I not think of that!

    Cheers

