Netgate Discussion Forum

    How to allow specific IP on the internet and Block others

    • I
      invoker
      last edited by

      I have rules which allow DNS and block other DNS.

      Then I have a static mapping of an IP for a specific MAC address.

      Then I want a rule that allows only the static IP which I put in the static mapping and blocks the others that are not in the static mapping. Is it possible?

      • GertjanG
        Gertjan @invoker
        last edited by Gertjan

        @invoker

        Create a rule on LAN that passes traffic from the IP you want to allow.
        Create a second rule on LAN that blocks all other traffic.

        The visual solution, where I pass all "192.168.1.10" and block the rest :

        c0d80acd-fd2c-42c2-8169-70eb4e9cbb8a-image.png

        The device you want to pass should always have the same IP. Otherwise, it could get blocked in the future.
        So, correct, assign a static MAC DHCP lease for this device so it always obtains the same IP on your LAN.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        • I
          invoker @Gertjan
          last edited by invoker

          @Gertjan 86d3f28f-9351-4458-b0ab-7fc22876dc6a-image.png

          This is my rule. Is it correct?

          When I activate that, it will block me from the internet and the DHCP will have internet.

          • GertjanG
            Gertjan @invoker
            last edited by

            @invoker said in How to allow specific IP on the internet and Block others:

            this is my rule is it correct?

            I don't understand the rules you've shown.
            Your question :

            How to allow specific IP on the internet and Block others

            doesn't need xx firewall rules.
            Two rules will do.
            You've listed 3 IPs, 192.168.96.13, 20 and 35. Are these the IPs that need to pass ?

            Or do you have other criteria that you've added, and didn't talk about, so I have to figure out reading your rules what you actually try to achieve ?

            41259c52-931a-4c05-a35e-a4918ecd834b-image.png

            DNS traffic can be UDP and TCP ...

            • I
              invoker @Gertjan
              last edited by invoker

              @Gertjan Oh, sorry.

              The allow DNS rule is for allowing the DNS of the firewall, then the block other DNS rule: if someone tries to change DNS, it will be blocked.

              And for the 3 PCs I do static mapping in the DHCP server and I'm trying to allow them in pfBlockerNG.

              Then I want to create a rule that will allow static IPs and block the other IPs like DHCP.

              What I'm trying to achieve is that I want to implement the blocking rule of the DNS and the trusted devices.

              If the trusted device will connect, the allow DNS and block other DNS rules will work if they change their DNS, even if they have static IP mapping.

              Because I created an alias and listed the static IP mappings, and it's not working.

              I just disabled the Block Unknown Device rule because it blocks me even though I'm static mapped, and the other computer that is not listed in my alias has internet.

              This is my allow rule:

              78c5c722-8153-479a-a6ed-5f604bf50a4a-image.png

              This is my block rule:

              9d441e90-942b-4fcf-8f7b-cfa86df1a3f8-image.png

              I just disabled it because it keeps blocking me,
              or maybe I just missed something.

              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                Your 'Allow Trusted Devices' rule is UDP only. If that is intended to pass traffic it should be UDP+TCP or TCP only at least.

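As an added illustration (not code from the thread or from pfSense), this Python model applies top-down, first-match evaluation to a LAN rule set like the one discussed, showing why a UDP-only 'Allow Trusted Devices' rule followed by a block-all rule cuts off a trusted device's TCP traffic. The firewall address 192.168.96.1, the untrusted client 192.168.96.100, the destination addresses and the exact rule names other than 'Allow Trusted Devices' are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

FIREWALL = "192.168.96.1"  # assumed LAN address of the firewall
TRUSTED = frozenset({"192.168.96.13", "192.168.96.20", "192.168.96.35"})  # IPs named in the thread
ANY = frozenset({"tcp", "udp"})

@dataclass
class Rule:
    action: str                        # "pass" or "block"
    protos: frozenset                  # protocols the rule matches
    src: Optional[frozenset] = None    # None = any source
    dst: Optional[str] = None          # None = any destination
    port: Optional[int] = None         # None = any destination port
    name: str = ""

    def matches(self, proto, src, dst, port):
        return (proto in self.protos
                and (self.src is None or src in self.src)
                and (self.dst is None or dst == self.dst)
                and (self.port is None or port == self.port))

def lan_rules(trusted_protos):
    """LAN rules in top-down order; only the trusted-device rule's protocol varies."""
    return [
        Rule("pass", ANY, dst=FIREWALL, port=53, name="Allow DNS to firewall"),
        Rule("block", ANY, port=53, name="Block other DNS"),
        Rule("pass", frozenset(trusted_protos), src=TRUSTED, name="Allow Trusted Devices"),
        Rule("block", ANY, name="Block Unknown Devices"),
    ]

def evaluate(rules, proto, src, dst, port):
    """First matching rule wins; traffic matching no rule falls to the default deny."""
    for rule in rules:
        if rule.matches(proto, src, dst, port):
            return rule.action, rule.name
    return "block", "default deny"

if __name__ == "__main__":
    packets = [  # constructed sample traffic (documentation address ranges)
        ("tcp", "192.168.96.13", "203.0.113.10", 443),   # trusted PC, HTTPS
        ("udp", "192.168.96.13", "198.51.100.53", 53),   # trusted PC, external DNS
        ("tcp", "192.168.96.100", "203.0.113.10", 443),  # DHCP client not in the alias
    ]
    for label, protos in (("UDP only", {"udp"}), ("TCP/UDP", ANY)):
        for pkt in packets:
            print(f"{label:8} {pkt} -> {evaluate(lan_rules(protos), *pkt)}")
```

With the UDP-only variant the trusted PC's HTTPS connection never matches the pass rule and lands on the block rule, which is the lockout described in the thread.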
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.