How to block all internet traffic from an internal Fixed IP

Home Page Forums Network Management Firewall, Traffic Shaping and Net Balancer How to block all internet traffic from an internal Fixed IP

This topic contains 3 replies, has 0 voices, and was last updated by  alpha_wall 9 years, 5 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #42031

    alpha_wall
    Member

    I am trying to block the interent traffic from one of my internal PC’s this PC does have a fixed IP address.

    I created a forward rule in the firewall with source My Internal port on the ZS ETH0
    In the rule I defined the destination IP 192.168.1.25 adn the action drop.

    The client PC was still accessing the net.
    I created another rule with Source 192.168.1.25 no target and interface and drop or reject

    there was still access from the client PC. I tried different variations bud never had sucess to block traffic from this machine.

    Ideally I would like to have this rule to be true only on weekdays and no effect on Saturday and sunday

    Thanks for your help

    #49069

    yum
    Member

    Maybe there are other rules that permit this traffic? It’s better to place this rule :

    I created another rule with Source 192.168.1.25 no target and interface and drop or reject

    to the very beginning of the FORWARD chain, make it number 1.
    I think one rule will be sufficient. Also mark any days you need inside this rule.

    #49070

    ppalias
    Member

    Just use the source IP address field. I tested it on ZS 1beta12 and it’s working fine.

    #49071

    alpha_wall
    Member

    Thanks for your suggestions. I have now resolve the issue with the following rune

    Destination IP 192.168.1.25
    All protocols
    action DROP

    Works great and yes the priority of the rules was important. Now I know that restricted rules have to go first.

    #49072

    markcooper
    Member

    Disabling your NIC should disable any networking.Check around in your router settings though.I have a very old router and even it has the ability to block all ports to specific local IP addresses.Alternatively, you can use your firewall, or even the built in windows firewall to block all traffic which should work just as well.

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.