Hi All,
Firewall release 156 in use here.
I have in my DMZ a VMware farm and 4 CCTV cameras.
I have created a CCTV camera group:
x.x.x.200 (camera 1)
x.x.x.203 (camera 4)
I create a firewall rule:
from host network group CCTV-CAMS
[NAT disabled]
to standard networks RED
Protocol ALL
Action DROP
Log rule
Rule position 1
I apply the change.
I reboot IPFire in case there is a floating persistent connection.
I go back into the logs 5 minutes later - cameras are still trying to UDP call their Chinese / US motherships in the FWFORWARD table, not resulting in a DROP.
Is this because the default rule for the DMZ is ORANGE->RED = open?
Is it actually possible to deny specific DMZ hosts internet access?
And if yes, what am I doing wrong please?
Many thanks
Regards
BB