Firewall settings for private devices including IP cameras

In the attached picture, the wireless doorbell is, to my surprise, orange instead of blue (no big deal). Also, I added rules to the orange network to use it as an internal network for printers, IP cameras, etc.

2 is not needed.
3 is a bad idea. This allows everyone on the web in.
4 is OK, but a bit much.
5 is not needed.
6 is much better than 4.
7 is not needed.
See the default rules at the bottom of your screenshot.

I’ll change 3 to drop instead of reject because they don’t need to know the destination state. (I’m guessing reject sends the ICMP_3 response since you say it allows everyone in, which it doesn’t.)

Obviously you don’t understand what I’m doing.
Below are the fixed rules:

I missed that.
2 is OK.
3 is not needed; red is blocked by default, see the rules at the bottom.
5 and 7 are not needed; see the default rules at the bottom.

With rule 4, rule 6 is not needed.
If you change the default firewall policy from allow to block, then you will need rule 5, and possibly more.

I don’t know why 10.65.65.110 is orange since it’s from the blue wireless port the access point is plugged into, and I had no networking to/from the NVR on the green to it until I added those two rules. The computer on green had issues with the printer on orange. I think number 5 is not needed as the printer works with or without the rule. But when I disable the orange-to-green allow rule, I get a message that the printer isn’t responding…

So I will delete rule #5.

#3 should never happen unless there is a malfunction with the IPFire stack or a port opened by orange.