EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Thursday 05 December 2024, 01:25:06 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Visit the official Endian Community Mailinglist
HERE
14261
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
General Support
EFW 2.5.1 Blocking Single IP address, the right way?
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: EFW 2.5.1 Blocking Single IP address, the right way? (Read 9155 times)
lokutus25
Jr. Member
Offline
Posts: 8
EFW 2.5.1 Blocking Single IP address, the right way?
«
on:
Tuesday 06 November 2012, 01:04:21 am »
Hi everybody,
I'm quite new to Endian and I have a question or two.
I have a Web Server published via a "Port Forwarding" rule, very simple.
In the "Access From" rules section I have "Allow from: Uplink Any", since everybody can access to the Web Server.
Now, someone was trying a nice DoS, attacking the http port from a fixed IP address. The documentation say that I can add an "Access From" rules
to tune the IP addresses. But, as far as I can see I can only add "Access From" rules of the "Allow from" type. I can't add a "Deny from:"
rule if the original one is the "Allow" type. Is it correct? Or am I missing something?
To add a "Deny From" I added a duplicated "Port Forwarding" rule on top of the previous one, identical but for the "Deny From" rule. It works
but is this the right way to configure? I'm asking because I know a bit of iptables and sounds unnecessary to me. But as I said, I'm new
to Endian and I'd like to know if I'm doing it right.
Thanks
Logged
lokutus25
Jr. Member
Offline
Posts: 8
Re: EFW 2.5.1 Blocking Single IP address, the right way?
«
Reply #1 on:
Wednesday 07 November 2012, 01:30:04 am »
Bump.
None has the same configuration? I thought It is very common.
Logged
steven
Full Member
Offline
Gender:
Posts: 10
Re: EFW 2.5.1 Blocking Single IP address, the right way?
«
Reply #2 on:
Tuesday 01 January 2013, 01:22:11 am »
You have two options.
1. since the default option on the firewall is to deny all, create an allow rule with specific IP ranges this can be useful if you only want to allow specific IP i.e. from a particular ISP or particular country.
2. create a deny rule first for the IP you want to block, then create an allow rule for all IP's the firewall reads the rules from top to bottom, this is the option you went for an is correct.
Steve - Techtron Computers
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.078 seconds with 18 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com