IPv4 Block list not working as anticipated
-
Using PfBlockerNG-devel V2.2.5_23 on 2.4.4-RELEASE-p3 (amd64) built on Wed May 15 18:53:44 EDT 2019 FreeBSD 11.2-RELEASE-p10 (ie latest version)
Within PfblockerNG under IP/IPv4 I have created some block lists based on ASN numbers which appear to be operating correctly as configured.
However one of these lists which relates to Microsoft ASN's I wish to reconfigure so that it continues to block (Deny Both) all connections with the exception of three clients on my local network which are members of a new alias I have created called (rather unoriginally) AllowMicrosoftAccess.
I have attempted to configure the Advanced Outbound Firewall Rules Settings within the Microsoft IPv4 such that a Custom Source (which is defined as my AllowMicrosoftAccess alias) is not be blocked by the floating rule which is automatically created once updated/force reload IP is run.
I have reset the firewall state post running update force reload.
I can see a relevant floating rule which appears to be configured as anticipated, but unfortunately the alias member clients are still being blocked by the IPv4 rule.
I wonder if I am misunderstanding the functionality of this section and attempting the impossible.
-
@farrina
Try to change the protocol to "TCP/UDP"?
-
That sorted it thanks - now why did I not think of that !
Cheers
