Block specific IP

Started by litk, March 04, 2020, 10:36:02 AM

March 04, 2020, 10:36:02 AM Last Edit: March 04, 2020, 10:38:45 AM by litk
Hi,
can you explain to me why the host 192.168.10.199 is not blocked from accessing the internet with these firewall rules?
https://ibb.co/09vbfSt
If I check the rule option "Apply the action immediately on match", then all other hosts are blocked from access to the Internet.

Because you block the complete /24 beginning from 192.168.10.199. But you only want to block /32 (single host).
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

Felix Eichhorn's premium cat food with the extra portion of energy

A router is not a switch - A router is not a switch - A router is not a switch - A rou....

March 04, 2020, 11:06:51 AM #2 Last Edit: March 04, 2020, 11:09:47 AM by litk
The host 192.168.10.199/32 is not blocked anyway.

Sorry I forgot to click apply. Works now. Thank you a lot.

The grey flash indicates a lazy rule (last matched). So at least ports 53, 80 and 443 are permitted to this host before your explicit block rules are matched.

If you want to block it, make it a quick rule (first match) and correct the netmask to /32.
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR
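
The matching behaviour described in the replies above, as an added example that is not part of the original thread: a small Python model of pf-style evaluation, where a quick rule wins on first match and any other rule wins on last match. The rule order, the pass rule for ports 53, 80 and 443, the second host 192.168.10.20 and the default-deny fallback are assumptions, since the real ruleset is only visible in the screenshot.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    action: str           # "pass" or "block"
    src: str              # source address in CIDR notation
    ports: tuple = ()     # destination ports; empty tuple means any port
    quick: bool = False   # True: first match wins; False: last match wins

def evaluate(rules, src_ip, dport, default="block"):
    """Return the verdict of a pf-style ruleset for one packet."""
    ip = ipaddress.ip_address(src_ip)
    verdict = default     # assumption: default deny when nothing matches
    for rule in rules:
        # strict=False masks the host bits the way the firewall does:
        # 192.168.10.199/24 is the whole network 192.168.10.0/24.
        net = ipaddress.ip_network(rule.src, strict=False)
        if ip not in net or (rule.ports and dport not in rule.ports):
            continue
        verdict = rule.action
        if rule.quick:
            break         # quick rule: stop at the first match
    return verdict

def ruleset(block_src, block_quick):
    """Constructed ruleset: the block rule first, then a pass rule for the LAN."""
    return [
        Rule("block", block_src, quick=block_quick),
        Rule("pass", "192.168.10.0/24", ports=(53, 80, 443)),
    ]

HOST, OTHER = "192.168.10.199", "192.168.10.20"

if __name__ == "__main__":
    cases = {
        "/24, last match": ruleset("192.168.10.199/24", False),
        "/24, quick": ruleset("192.168.10.199/24", True),
        "/32, last match": ruleset("192.168.10.199/32", False),
        "/32, quick": ruleset("192.168.10.199/32", True),
    }
    for name, rules in cases.items():
        print(f"{name:16} host={evaluate(rules, HOST, 443):5} "
              f"other={evaluate(rules, OTHER, 443)}")
```

Only the last case blocks 192.168.10.199 while leaving the other host's traffic on the permitted ports untouched.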

March 05, 2020, 08:07:06 AM #4 Last Edit: March 05, 2020, 08:13:18 AM by litk
Hey, I have another problem with this rule: on the host 192.168.10.199 YouTube is working, while any other sites are blocked. YouTube is loading but video clips don't. Why is that?
https://ibb.co/4f8WzBV