[Firehol-support] How to allow traffic from an IP range?

Wojtek Swiatek w at swtk.info
Tue Jul 31 07:34:37 BST 2018


My apologies - I just realized that I did the changes on a copy of the
config file...

The logging from that network stopped, thank you very much

Le mar. 31 juil. 2018 à 08:24, Wojtek Swiatek <w at swtk.info> a écrit :

> Le lun. 30 juil. 2018 à 22:20, Phil Whineray <phil at firehol.org> a écrit :
>
>>
>> > > Firehol will stop logging if you include a catchall "server any drop"
>> as
>> > > the last rule in your interface.
>>
>> To just match the range, add a "src" parameter. Anything not matched will
>> go to the default rule.
>>
>>
> Unfortunately it did not help. I added the line as suggested (not sure why
> "server", in any case I tried "server" and "client"):
>
> interface4 int0 internet
>     client all accept
>     server openvpn accept
>     server any drop src 192.168.0.0/24
>
> I still get lines such as
> IN-internet:IN=int0 OUT= MAC=01:00:5e:7f:ff:fa:18:1e:78:82:e6:f5:08:00
> SRC=192.168.0.11 DST=239.255.255.250 LEN=32 TOS=0x00 PREC=0x80 TTL=1 ID=0
> DF PROTO=2
>



More information about the Firehol-support mailing list