Block Blue from Administrating Firewall

So I’ve just installed and got working IPFire 2.25 x64 core update 141. Now I’m learning how to tweak it a bit. I have a couple of firewall rule questions:

  1. Typically, I’ve always created an Any-Any-All-Drop rule as the final rule in my firewall rules. However, when I do this in IPFire, all internet activity stops. Is this normal behavior?

  2. I would like to create a rule to keep my Blue network from being able to administrate IPFire. Anyone have any ideas on what this firewall rule would be.

Any suggestions would be most helpful. Thank you.

Yes.

This is explained in the wiki: https://wiki.ipfire.org/configuration/firewall/accesstoblue

As we know, an Any-Any-All-Drop rule as the last firewall rule is a security feature. If this rule blocks internet connectivity, of course we can’t use it. So what keeps maliciousness from attempting other protocols? Is there some other security built into IPFire that I’m not seeing? Is there a way to craft a firewall rule that would allow internet connectivity but provide other protocol security in IPFire?

I would imagine that the start and stop entry in the firewall.local file is your personal wireless IP network address and not what’s necessarily listed. Is this a correct assumption?

Yes, it’s possible to block the WUI-Access from Blue with a Firewall-Rule.

Create a new rule:

Source: Blue network
Destination: Firewall All
Protocol: TCP
Destination-Port: 444
Target: Drop