Firewalla Blue Rules

Comments

7 comments

  • Firewalla

    You need to add rules to block the internet first (tap on Rules, then tap on +, and you will see it).

  • Rgorman

    If I choose Block and "Traffic from & to Internet", that seems to kill all traffic, even when there is an explicit allow for certain geolocation-based traffic. So far, I can't block ALL traffic EXCEPT certain traffic from a host on my network.

    Any other suggestions?

  • Firewalla

    What country did you allow? And what site did you test for this? We can try it ourselves.

    Did you allow your DNS servers?

  • Rgorman

    I am trying to restrict access to my devices to sources from Canada and the US primarily. All other geolocations can be blocked. Ideally this would apply only to certain machines in my network.

  • Rgorman

    Just to clarify, I have noticed that most of the malicious attempts on my externally published devices come from countries outside of Canada and the US. I am hoping to mitigate that risk by limiting access to those countries.

  • Firewalla

    Double-check your DNS and make sure it is on the allowed list. And when you are doing this, are all the sites down, or are only some sites down?

    The reason I am asking is that geo-blocking is pretty tricky ... so it works better to block certain countries. Block all, then allow: we have yet to see a usable solution. This is simply because the internet is distributed and the data centers are distributed. IP addresses are changing all the time.

  • Rgorman

    OK, I played around with it a bit. I WAS putting in the allow rules for the geolocations in the main section of the rules applied to all devices. Then I was trying to block Internet on 2 devices specifically, in hopes they both would get the shared allow rules, but that didn't work. When I subsequently blocked Internet on one host and added the allow rules for the geolocations specifically to that host's rule set, it seems to have worked. The unfortunate situation is the Firewalla Blue doesn't allow more than 3 geolocation rules, so I can't do the same thing on a second host on my network. I was hoping to get around that limit by doing those allow geolocations globally and blocking the Internet on each host.
