[Firehol-support] How to allow traffic from an IP range?
w at swtk.info
Tue Jul 31 07:34:37 BST 2018
My apologies - I just realized that I did the changes on a copy of the
The logging from that network stopped, thank you very much
Le mar. 31 juil. 2018 à 08:24, Wojtek Swiatek <w at swtk.info> a écrit :
> Le lun. 30 juil. 2018 à 22:20, Phil Whineray <phil at firehol.org> a écrit :
>> > > Firehol will stop logging if you include a catchall "server any drop"
>> > > the last rule in your interface.
>> To just match the range, add a "src" parameter. Anything not matched will
>> go to the default rule.
> Unfortunately it did not help. I added the line as suggested (not sure why
> "server", in any case I tried "server" and "client"):
> interface4 int0 internet
> client all accept
> server openvpn accept
> server any drop src 192.168.0.0/24
> I still get lines such as
> IN-internet:IN=int0 OUT= MAC=01:00:5e:7f:ff:fa:18:1e:78:82:e6:f5:08:00
> SRC=192.168.0.11 DST=184.108.40.206 LEN=32 TOS=0x00 PREC=0x80 TTL=1 ID=0
> DF PROTO=2
More information about the Firehol-support