Firewall rule - block all (with exception)?

Started by Zoltrix, January 09, 2024, 07:03:07 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 09, 2024, 07:03:07 AM
Hi all,

Probably a silly question. I am attempting to create a firewall rule set that will block all SNMP traffic to the firewall, except for one host.

I've attached a screenshot of the rules. I've created a "Pass" rule for the single host, and then a "Block" rule. The block rule works on its own, but when I enable the "Pass" rule, it allows access again for all IPs, not just the single IP in the rule.

Cheers
January 09, 2024, 07:33:33 AM #1
All of your addresses cover the range 192.168.0.0 to 192.168.0.255. I think you want the source address to be specific, to have no CIDR or /32 if it does.
Deciso DEC697
+crowdsec +wireguard
January 09, 2024, 08:10:04 AM #2
Thanks mate, that was an easy fix!
Print
Go Up Pages1
User actions