I have some suspicious activity on my machine so I want to block all incoming and outgoing to a specific IP for all applications. How do I do that? I added the IP to “My Blocked Network Zones” Is that correct? Is there a log file that shows that it is being blocked so that I can verify that it is actually being blocked? Another application I use is showing data being transferred, but I don’t know if the data is actually being blocked or not. Thanks.
make a rule in global rules section, put it on top:
block and log protokoll “IP” (that means udp, tcp, ect) outgoing when source adress and port is ANY and destination adress and port is “that suspect adress”
but you should ask yourself, if something is suspicious, why should these suspicious behaviour happen still on your pc, and you put only a little patch over this mark? and why should a “writer of a suspicious application” should be so mindless to use only one ip-adress, so that his threat can be easily blocked?
i told you how you can make a rule for it. but i would not suggest to trust in a rule to avoid a malware or whatever, to do what it does.
get rid of that suspicious thing.