Hello everyone,
Today I ran into a problem that I don't know how to solve.
I have to block my network from accessing a class of IP.
That is, I have to prevent access, for example, to the class 8.8.8.0/24.
I thought of creating a rule in the firewall, putting 8.8.8.0/24 in the destination, but it doesn't work.
Do you have any idea how to do it?
How exactly have you defined the rule?
Have you pressed the button to activate the rules?
I made the rule by inserting 8.8.8.0/24 in the destination box, then I saved and activated the rule.
Once done, I performed the tests and I always reach the class.
I have set up a rule (same parameters as yours). Trying to access 8.8.8.8 from the browser results in
Sep 25 13:00:21 BitschCop kernel: OUTGOINGFW IN= OUT=red0 SRC=xx.xx.xx.xx DST=8.8.8.8 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=51225 DF PROTO=TCP SPT=42794 DPT=80 WINDOW=42340 RES=0x00 SYN URGP=0 MARK=0x80000000
as expected.
Is your rule the first rule? Otherwise a rule with lower position can allow the connection.
Another effect is that established connections are allowed anyway. To test, you should initiate a new connection.
Thanks, actually I hadn’t noticed a rule already present.
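
The point made in the reply above about rule position and established connections, as an added example that is not part of the original thread: a Python sketch of first-match evaluation that also flags a blocking rule covered by an earlier allow rule. The `Rule` model, the rule set and the default policy are constructed for illustration and are not the firewall's own storage format.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:              # hypothetical model of one outgoing rule
    position: int        # lower position is evaluated first
    action: str          # "ACCEPT" or "DROP"
    dst: str             # destination network in CIDR notation

# Constructed rule set: an allow rule sits above the new block rule.
RULES = [
    Rule(1, "ACCEPT", "0.0.0.0/0"),
    Rule(2, "DROP", "8.8.8.0/24"),
]

def decide(rules, dst_ip, established=False, default="ACCEPT"):
    """First-match evaluation. Returns (action, position of the deciding rule)."""
    if established:
        # Packets of an already established connection never reach the rules.
        return ("ACCEPT", None)
    ip = ipaddress.ip_address(dst_ip)
    for rule in sorted(rules, key=lambda r: r.position):
        if ip in ipaddress.ip_network(rule.dst):
            return (rule.action, rule.position)
    return (default, None)   # default policy is an assumption here

def shadowed(rules):
    """List (drop_position, earlier_accept_position, 'full' | 'partial')."""
    ordered = sorted(rules, key=lambda r: r.position)
    findings = []
    for i, rule in enumerate(ordered):
        if rule.action != "DROP":
            continue
        net = ipaddress.ip_network(rule.dst)
        for earlier in ordered[:i]:
            enet = ipaddress.ip_network(earlier.dst)
            if earlier.action != "ACCEPT" or enet.version != net.version:
                continue
            if net.subnet_of(enet):
                findings.append((rule.position, earlier.position, "full"))
            elif net.overlaps(enet):
                findings.append((rule.position, earlier.position, "partial"))
    return findings

if __name__ == "__main__":
    print(decide(RULES, "8.8.8.8"))   # the allow rule decides, not the block
    print(shadowed(RULES))            # the block rule is fully covered
```

Moving the block rule to position 1 clears the finding, and only a new connection shows the effect, since an established one is accepted before any rule is consulted.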