I just wanted to block ALL traffic from a GREEN IP to the RED interface. I thought I knew how to build the rule and what I have blocks websites but all other traffic goes through. Please see image. This is rule #1 in my list. I’m trying to block a camera and the feed flows to the Internet as if there was no rule.
Frustrated, I used SSH and issued the iptables rule that simply got the job done.
iptables -A INPUT -i eth1 -s 192.168.1.32 -j DROP
I updated firewall.local with this for permanence (start / stop).
There must be some precedence-order thing I’m overlooking, because this, which can be easily done from BASH, should be possible in IPFire’s GUI with no problems.
Please educate me, ridicule me, whatever…
I thank you all for any help you can provide.
Oh, by the way:
For context: I’m using Core Update 141 - wrestling with DNS issues
Thank you for the suggestion! I went back and assigned my camera a different IP (because iptables was blocking it) so I could test the new rule. I tried the “ANY” setting yesterday with no joy and decided to try it again because you were kind enough to suggest it.
Here’s what I realized. In short, it worked, and this is why it didn’t yesterday… When these cameras are on, they make a persistent connection to the manufacturer’s web service. When I put the rule in place, I simply stopped and started the app, thinking that was a good test when, in fact, the camera was still connected. As you know, a new rule does not affect ongoing connections, so I wrongly thought the rule was not working.
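The check that would have caught this, as an added example that is not part of the original thread: after adding a block rule for a host, list the connections from that host that are already tracked and will keep flowing. It assumes connection-tracking entries in `conntrack -L` text format; the function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example. sample_table and stale_flows are hypothetical helper names.

# Constructed sample in `conntrack -L` format (addresses are documentation ranges,
# except the camera address taken from the post).
sample_table() {
cat <<'EOF'
tcp 6 431982 ESTABLISHED src=192.168.1.32 dst=203.0.113.10 sport=51514 dport=443 src=203.0.113.10 dst=198.51.100.7 sport=443 dport=51514 [ASSURED] mark=0 use=1
udp 17 25 src=192.168.1.32 dst=203.0.113.53 sport=40000 dport=53 [UNREPLIED] src=203.0.113.53 dst=198.51.100.7 sport=53 dport=40000 mark=0 use=1
udp 17 170 src=192.168.1.32 dst=203.0.113.20 sport=50000 dport=10001 src=203.0.113.20 dst=198.51.100.7 sport=10001 dport=50000 [ASSURED] mark=0 use=1
tcp 6 100 ESTABLISHED src=192.168.1.50 dst=203.0.113.10 sport=40001 dport=443 src=203.0.113.10 dst=198.51.100.7 sport=443 dport=40001 [ASSURED] mark=0 use=1
tcp 6 300 ESTABLISHED src=203.0.113.99 dst=198.51.100.7 sport=5555 dport=8080 src=192.168.1.32 dst=203.0.113.99 sport=80 dport=5555 [ASSURED] mark=0 use=1
EOF
}

# stale_flows IP: read conntrack entries on stdin and print "proto dst dport"
# for every flow that IP originated and that has already seen a reply.
# Those flows are existing connections, so a newly added rule that only
# applies to new connections will not stop them.
stale_flows() {
    awk -v ip="$1" '
    /\[UNREPLIED\]/ { next }   # no reply seen yet: still treated as new
    {
        src = ""; dst = ""; dport = ""
        for (i = 1; i <= NF; i++) {
            # The first src=/dst=/dport= are the original direction;
            # the second set is the reply tuple and must be ignored.
            if (src == ""   && $i ~ /^src=/)   src   = substr($i, 5)
            if (dst == ""   && $i ~ /^dst=/)   dst   = substr($i, 5)
            if (dport == "" && $i ~ /^dport=/) dport = substr($i, 7)
        }
        if (src == ip) print $1, dst, dport
    }'
}

# Run against the constructed table for the camera address from the post.
sample_table | stale_flows 192.168.1.32
```

On a firewall with conntrack-tools installed (an assumption), piping `conntrack -L` into `stale_flows` gives the same report for live traffic, and `conntrack -D -s 192.168.1.32` removes the tracked entries so the host's next packets are no longer matched as an existing connection.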