I would like to create one rule to and from clinet to block al traffic from it
now i create one rul that blocks traffic from client and it works like…
so i can ping him and he can't ping anything
of cause i can just remove state from it... but my be it will be more helpfull to create rules of full block
for full block you need 2 rules
1 to block its outgoning trafic and 1 to block its incomming trafic
Yes I know that 2 rules will solve my problem but i have ~200 ip's… os it will be ~400 of rules ? it will be cruel. may be it will be helpfull to create some kind of [v] to create such rules
make a alias called blockedip add all the blocked ip's to that alias
now make the 2 rules insted of a ipadress type blockedip
I thouth about it. But if it will be so i'll loose easy way to open/block clients.
May be it will be more helpfull t create [v] (bidirectional) and it will crete 2 rules at the same way
Can't you just block a range? And why do you need two rules? I thought you can set one rule to both tcp and udp.
here is a scheme
i have 9 servers on every i have something near 90 clients. When client have zero on his ballanse manager turns it off. Now i must create 2 rules one to block traffic from clinet and one to client. so it about 180 rules on one page. IMHO it is very big page and a lot of rules on it. So if i will have list not from ~180 rules it will be greate.
You can reduce your list of rules a lot by using the alias system.
Ok lets go that way.
I will create 1 alias that will be called "allowed users". in that alias i will add all clients that must work and all athers will be blocked. so When i need to allow client to work i will add it ip address to that alias.
hm… maybe it will be more easy to temporary block throw webconfig some rows and not delete them ?
whatever works best for you ;)