Full block



  • Hello
    I would like to create one rule to and from clinet to block al traffic from it
    now i create one rul that blocks traffic from client and it works like…
    so i can ping him and he can't ping anything
    of cause i can just remove state from it... but my be it will be more helpfull to create rules of full block



  • for full block you need 2 rules
    1 to block its outgoning trafic and 1 to block its incomming trafic



  • Yes I know that 2 rules will solve my problem but i have ~200 ip's… os it will be ~400 of rules ? it will be cruel. may be it will be helpfull to create some kind of [v] to create such rules



  • make a alias called blockedip add all the blocked ip's to that alias
    now make the 2 rules insted of a ipadress type blockedip



  • I thouth about it. But if it will be so i'll  loose easy way to open/block clients.
    May be it will be more helpfull t  create [v] (bidirectional) and it will crete 2 rules at the same way



  • Can't you just block a range?  And why do you need two rules?  I thought you can set one rule to both tcp and udp.



  • here is a scheme
    i have 9 servers on every i have something near 90 clients. When client have zero on his ballanse manager turns it off. Now i must create 2 rules one to block traffic from clinet and one to client. so it about 180 rules on one page. IMHO it is very big page and a lot of rules on it. So if i will have list not from ~180 rules it will be greate.



  • You can reduce your list of rules a lot by using the alias system.



  • Ok lets go that way.
    I will create 1 alias that will be called "allowed users". in that alias i will add all clients that must work and all athers will be blocked. so When i need to allow client to work i will add it ip address to that alias.
    hm… maybe it will be more easy to temporary block throw webconfig some rows and not delete them ?



  • whatever works best for you  ;)


Locked