I created a firewall rule several years ago to ban all internet connections.
Then I have three rules:
- 1 that lets TeamViewer pass on port 5938 (pmad only)
- 1 that lets TeamViewer pass on port 5938 and the mails (pmad mail)
- 1 that lets everything pass (full internet)
Since IPFire 2.27 (x86_64) - Core-Update 171, I realize that the first rule no longer works: if I connect a new computer to the network, it can browse the internet.
My configuration:
Do you have an idea?
Your first rule probably allows everyone? For full internet. Do you have a user group?
If you make a user group called “full internet”, then it will stop new devices.
Thank you for your answer and sorry for the late answer.
Yes, I have a host group called full internet.
For information, I followed this video when I created the rules: Ipfire firewall rules - block internet by default, except for specific clients - YouTube
He explains in his video that the blocking rule must be the last one (which worked very well until the update).
I recreated the blocking rule the same.
If I place the blocking rules at the top, I cut internet for all (logical).
Is the proxy running?
Are the proxy settings propagated by DHCP (WPAD)?
If yes, your clients on green don’t use a WAN address as destination, but the proxy address (IPFire) for web access (HTTP(s)).
Your last rule. If you change it to destination network “any” does it work?
I found it!!
It’s just a bug.
I have one host removed from the host list, but still visible in the host group with the mention ‘deleted’.
I recreated the host, removed it from the host group, and removed the host.
Applied changes and it is working again.