Netgate Discussion Forum
    Blocking Access to Specific Host

      bairdmj

      I am trying to create a simple rule.  The rule will deny all LAN users access to one specific internet host (TCP/*).  To do this I have created a firewall rule on the LAN interface:

      Proto  Source  Port  Destination      Port  Gateway  Schedule  Description
      TCP    *       *     BLOCKED.IP.HERE  *     *                  BLOCK OUTGOING TEST

      The rule has been moved to the very top.  Beneath this rule, I do have one that allows LAN NET to access *, but since this rule is on top, it should work right?

      This rule does not seem to be working.. all LAN users are able to access the blocked destination.  Does anyone have any ideas as to why this is not working?  Am I missing a step?

      Thanks

        Guest

        @bairdmj:

        I am trying to create a simple rule.  The rule will deny all LAN users access to one specific internet host (TCP/*).  To do this I have created a firewall rule on the LAN interface:

        Proto  Source  Port  Destination      Port  Gateway  Schedule  Description
        TCP    *       *     BLOCKED.IP.HERE  *     *                  BLOCK OUTGOING TEST

        The rule has been moved to the very top.  Beneath this rule, I do have one that allows LAN NET to access *, but since this rule is on top, it should work right?

        This rule does not seem to be working.. all LAN users are able to access the blocked destination.  Does anyone have any ideas as to why this is not working?  Am I missing a step?

        Thanks

        Have you verified that the destination traffic is what you expect, i.e. the IP you have in the block?
        Check your logs (obviously turn it on if you don't).

        Otherwise you can try to block a site you know has only one IP address and see if that works.

        /f
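
The check suggested in the reply can be reasoned through offline. The following is an added example, not part of either post and not pfSense code: it models the two LAN rules described in the thread with first-match evaluation and lists which flows to the host still pass. All addresses are constructed, and the allow rule is assumed to cover any protocol.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    action: str  # "block" or "pass"
    proto: str   # "tcp", "udp" or "*" for any
    src: str     # CIDR network or "*" for any
    dst: str     # CIDR network or "*" for any
    descr: str

def _addr_match(spec, addr):
    # "*" matches everything, otherwise test membership in the network
    return spec == "*" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def evaluate(rules, proto, src, dst):
    """Top-down, first match wins; unmatched traffic is denied by default."""
    for r in rules:
        if r.proto in ("*", proto) and _addr_match(r.src, src) and _addr_match(r.dst, dst):
            return r.action, r.descr
    return "block", "default deny"

# Constructed sample values (documentation address ranges), not from the thread
LAN_NET = "192.168.1.0/24"
LAN_CLIENT = "192.168.1.50"
BLOCKED_IP = "203.0.113.10"                    # the one address in the block rule
HOST_ADDRS = ["203.0.113.10", "203.0.113.11"]  # the host answers on two addresses

# The rule order described in the first post: block on top, allow beneath
RULES = [
    Rule("block", "tcp", "*", BLOCKED_IP, "BLOCK OUTGOING TEST"),
    Rule("pass", "*", LAN_NET, "*", "allow LAN net to any (protocol assumed)"),
]

def leaks(rules, src, addrs, protos=("tcp", "udp")):
    """Return the (proto, dst) pairs that are still passed for this client."""
    return [(p, d) for d in addrs for p in protos
            if evaluate(rules, p, src, d)[0] == "pass"]

if __name__ == "__main__":
    for proto, dst in leaks(RULES, LAN_CLIENT, HOST_ADDRS):
        action, descr = evaluate(RULES, proto, LAN_CLIENT, dst)
        print(f"{proto:>3} -> {dst:<14} {action} by '{descr}'")
```

Only TCP to the exact listed address hits the top rule; anything to another address of the same host, or over another protocol, falls through to the allow rule beneath it, which is what the firewall log would show as passed traffic.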
