Netgate Discussion Forum

    Some help with a firewall rule

    • fcapizzo

      I have a list of internet IPs that I want blocked in 2 ways: I don't want their packets getting in, and if one of my LAN clients tries to connect to one of those IPs I want that traffic stopped as well.

      With that in mind, I'm a bit confused on creating a rule or rules to define the block.  First I created an alias with the list of IPs.  Here's what I have so far for rules:

      Reject on LAN any source to alias list of IPs.
      Reject on WAN alias list of IPs to any source.

      Is this correct?  Also, by selecting any protocol will that stop all types of traffic, including web, P2P, ftp, etc.?

      • GruensFroeschli

        Make sure your block rule is above every other rule.
        But your rules look good.
        block, LAN: source: any ; destination: alias
        block, WAN: source: alias ; destination: any

        If you have "any" as protocol you make sure that nothing goes through. Though most P2P programs use TCP or UDP.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html
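
The ordering advice in the reply above, as an added example that is not part of the original thread: a small Python model of per-interface, top-to-bottom, first-match rule evaluation, showing the same two block rules working when placed first and being bypassed when a pass rule sits above them. The alias contents, the client address and the pass rules are constructed for illustration.

```python
import ipaddress

# Constructed alias contents (documentation ranges, not taken from the thread).
ALIAS = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.7/32")]

def matches(spec, addr):
    """spec is 'any' or 'alias'; 'alias' matches any address in ALIAS."""
    if spec == "any":
        return True
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in ALIAS)

def evaluate(rules, iface, src, dst):
    """Return the action of the first rule on iface that matches src/dst.

    Rules are checked top to bottom for traffic entering the interface.
    Protocol is 'any' in every rule, so it is not modelled. If nothing
    matches, the packet is blocked (default deny).
    """
    for r_iface, action, r_src, r_dst in rules:
        if r_iface == iface and matches(r_src, src) and matches(r_dst, dst):
            return action
    return "block"

# Layout from the reply: block rules above every other rule.
GOOD = [
    ("LAN", "block", "any", "alias"),
    ("LAN", "pass", "any", "any"),    # usual "allow LAN to any" rule
    ("WAN", "block", "alias", "any"),
    ("WAN", "pass", "any", "any"),    # stand-in for a pass rule to a published service
]
# Same four rules, but each block rule sits below the pass rule on its interface.
BAD = [GOOD[1], GOOD[0], GOOD[3], GOOD[2]]

if __name__ == "__main__":
    client, listed = "192.168.1.10", "203.0.113.5"  # constructed addresses
    for name, rules in (("block first", GOOD), ("pass first", BAD)):
        print(name,
              "| LAN client -> listed IP:", evaluate(rules, "LAN", client, listed),
              "| listed IP -> WAN:", evaluate(rules, "WAN", listed, client))
```
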

        • fcapizzo

          Great.  Looks like I got the rules correct.  Thank you!

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.