News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Firewall/NAT
linktree Topic: Simple Task: Block 195.244.207.0/24 not as simple?
Pages: [1]
Topic: Simple Task: Block 195.244.207.0/24 not as simple?  (Read 1499 times)
« on: January 12, 2008, 08:42:48 »
Squeller *
Posts: 8
Hi,

I want to do kind of content/ web site filtering block my network to visit www.betway.com, according to ripe that is 195.244.207.0/24

I have a pppoe wan adapter and lan/lan2 bridged. Nothing special here. What I did was add a LAN "reject" rule, source=*, dest=195.244.207.0/24, prot=tcp and I put it on top of the rules. Of course I chose save and apply.

betway.com website does still work.

Can someone explain what exactly I want to do? I'm confused. I always expected the WAN rules to be something incoming from WAN and the LAN rules for outgoing from the LAN or inside LAN. Huh

This is on top of my firewall LAN rules page, what's wrong with this?:

Proto TCP
Source LAN net
Port *
Destination 195.244.207.0/24
Port *

Even if I set destination to "WAN adress", I can visit any web site. There must be something massively wrong in my understanding.
« Last Edit: January 12, 2008, 08:53:29 by Squeller »
« Reply #1 on: January 12, 2008, 09:33:15 »
Squeller *
Posts: 8
OK, as it's a bridged interface, I enabled filtering bridge and put the rule on top of both LAN interfaces, now blocking the site works.

My question:

I have LAN2 bridged with LAN. I have "enable filtering bridge" turned on.

1. Which firewall rules apply? Both, LAN and LAN2?
2. In which order?

Thanks!
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines