[Firehol-support] How to allow traffic from an IP range?

Phil Whineray phil at firehol.org
Mon Jul 30 21:20:39 BST 2018


On Mon, Jul 30, 2018 at 09:24:20PM +0200, Wojtek Swiatek wrote:
> Le lun. 30 juil. 2018 à 21:02, Phil Whineray <phil at firehol.org> a écrit :
> > Firehol will stop logging if you include a catchall "server any drop" as
> > the last rule in your interface.
> >
> > It works by preventing the packet going through to the default handling
> > (i.e. log and drop).
> >
> Thanks for the information. Wouldn't that stop all logging, though? I would
> like to just stop logging dropped  packets from range 192.168.0.0/24.

Yes, you're correct of course.

To just match the range, add a "src" parameter. Anything not matched will
go to the default rule.

Cheers
Phil



More information about the Firehol-support mailing list