News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Firewall/NAT
linktree Topic: Block all requests any port by IP address and or range
Pages: [1]
Topic: Block all requests any port by IP address and or range  (Read 4134 times)
« on: December 01, 2009, 21:20:01 »
Alan87i *
Posts: 7
Is this possible. I want to set up a rule that where xx.xxx.xxx.x IP address is denied any connection or response .
I have tried a few things and seemed to have failed at all attempts.

Thanks for ant tips
Allan
« Reply #1 on: December 03, 2009, 01:21:44 »
Alan87i *
Posts: 7
I tried this way
rule Block
IP xx.1.1.1/1 dam if it didn't block my buddies IP witch has 3 digits XXX.xx.xxx.xx and 2 others I have that connect to a game server and my WHS box.
Any tid bit tip on say blocking the whole range of 85.x.x.x  with out blocking all the other IP"s
when I put the complete address in  /31 the WHS server's remote alert add in would still show this bot box connected.
totally confused here.
« Reply #2 on: December 03, 2009, 03:27:14 »
knightmb ****
Posts: 341
Quote from: Alan87i on December 01, 2009, 21:20:01
Is this possible. I want to set up a rule that where xx.xxx.xxx.x IP address is denied any connection or response .
I have tried a few things and seemed to have failed at all attempts.

Thanks for ant tips
Allan
You want to blacklist some IP(s) from accessing m0n0wall or internal IPs trying to get out to the Internet through m0n0wall?
Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com
« Reply #3 on: December 03, 2009, 11:55:34 »
Alan87i *
Posts: 7
I want to keep external ip's from getting in to anything I have 2 Zoneminder systems 1 game server and a WHS server plus 6 user pc's .
Although the log shows tons of blocked entries. I'm getting hits from the APP remote alert on my WHS server , These are scanning bot boxs I'm sure , Those are the IP's I would like to block at the wan port the most.
Allan
« Reply #4 on: December 03, 2009, 19:44:46 »
knightmb ****
Posts: 341
Quote from: Alan87i on December 03, 2009, 11:55:34
I want to keep external ip's from getting in to anything I have 2 Zoneminder systems 1 game server and a WHS server plus 6 user pc's .
Although the log shows tons of blocked entries. I'm getting hits from the APP remote alert on my WHS server , These are scanning bot boxs I'm sure , Those are the IP's I would like to block at the wan port the most.
Allan


This should help. This is a sample of my firewall rules that block spam servers from sending to my e-mail servers. Just substitute in *any* port instead of port 25 and that should block everything to either a single machine on your LAN or all of them if you just leave it as "LAN net" for example. Be sure the firewall rules are at the very top because m0n0wall goes based on the first match on how it processes the rules.

Use the CIRD calculator here to get the exact range that you want to block: http://www.subnet-calculator.com/cidr.php

* m0n0wall_01.gif (22.5 KB, 585x229 - viewed 620 times.)
Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com
« Reply #5 on: December 09, 2009, 15:27:06 »
Alan87i *
Posts: 7
Thanks
it has helped although no matter what I seem to do the IP's I'm trying to block still show up in remote alert as usual they come and go
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines