This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block external IP

I want to block an external IP, but it seems the IP still can connect to the firewall. I have created a DNAT rule like below. Still the IP shows up in my packetfilter.log. I have created a network group which i'm using for the blocked IP, and created a network group for al my wan interfaces.

What can i do to block an IP entirely?



This thread was automatically locked due to age.
Parents Reply Children
  • You have done it correctly, Bastiaan.  I just wanted to confirm that the items in the Network group were bound to the WAN interface.  The "(Address)" objects are bound to the interface, so the resulting rule is applied to the INPUT chain as it needs to be.  In this case, you "blackhole" the traffic instead of blocking it.  You might be interested in #2 in Rulz (last updated 2021-02-16).

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA