Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 614 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Dropping traffic from external ip address

MarkThornton

I am struggling to get a working firewall rule to drop or reject traffic from an external ip address. My mail server keeps getting hammered by IP addresses it reports as being from Iran. I created a firewall rule at the top position but it isn't having any effect. I thought the system processed from the top down. What am I missing?



This thread was automatically locked due to age.
Parents
  • 0

    Google couldnt help me find anything about a dead end nat. I will keep looking. As to the destination network, i have tried several things; the destination server address both internal and external and I tried the interface. Are you suggesting it should be the internal lan network object? 

Reply
  • 0

    Google couldnt help me find anything about a dead end nat. I will keep looking. As to the destination network, i have tried several things; the destination server address both internal and external and I tried the interface. Are you suggesting it should be the internal lan network object? 

Children
  • 0 in reply to MarkThornton

    Not a google search but a sophos kba search. I apologise for not being able to assist with more details but the iPad is not a good device for searching or copying links. My main Mac is off being repaired waiting for parts.

    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    I haven't been able to find the article so I guess I will open a support ticket. To be honest I haven't even found knowledge base articles at all, just a lot of articles in no particular order.

  • 0 in reply to MarkThornton

    I am trying to block all traffic that is both coming and going to an internal IP address (this server acts as a router for the network). so far I have tried the following: iptables -A INPUT -s 192.168.1.111 -j DROP & iptables -A OUTPUT -d 192.168.1.111 -j DROP, with 192.168.1.111 being the IP address I am trying to block traffic from. The local area network connects to br0....                Monkey.cool

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?