Blocking All But One

Thanks in advance for any help friends.

Installed version 5 on Windows 7 … I am new to both version 5 and Windows 7, new laptop :)

I am on my own private network 192.168.1.x

Everything is at default …

Ie.

Network Zones
Loop IP in 127.0.0.1 - 255.0.0.0
Local Area Network #1 192.168.1.69 - 255.255.255.0

Network Settings for windows is DHCP

I am going to a lan party with 30 plus members attending all with their own computers.
I must set the network IP myself in Windows because there is no DHCP.

There will be one game server running one game and TeamSpeak on two different ports.

After I have set the IP in Windows (manually) to match the network.

It will be something like 192.168.x.x - 255.255.255.0 in the same private range.
I will be told to use an IP like 192.168.x.45 for my computer so that there are no IP conflicts.

I don't want all other 29 computers accessing mine in any way, shape or form, nor do I want any ■■■■ on mine connecting to their computers …

How would I make it so I only allow a connection with the game server 192.168.x.200?

Let's assume the server in this case will be 192.168.8.200, which I trust to be clean, and my new IP is 192.168.8.45

Thanks

Leaving early Friday morning …

Even a little clue? …

I'm not sure how you even do this? …

Make Block All Rule
Make an Allow IP Rule

Make three rules to Block IP Ranges each side of the server and my own address.
Block 192.168.8.0-44 and 192.168.8.46-199 and 192.168.8.201-255

I'm wondering even what section I need to do anything in …
Global Rules or Zones

Can I simply Save My Config … Delete my current zone and just make a new one using specific ranges?

I'm afraid to experiment and I don't have time :(

They must be on vacation. I'm no expert either but maybe you can do it by MAC address? Only allow the server's MAC address to connect to you and vice versa.

First, use only OUTgoing rules, so no one can come in unrequested.

Erase your local network zone address setting (in the firewall, network security section… a tab on top).

Normally you should then be as safe at the party as you already are in front of the internet.

ONLY OUTgoing.

I would try if it's running without "adding a new network", just by telling the game to be allowed OUTgoing (to make it simple). Or you can make a rule for the game for just the server IP (destination) from your PC (source) to the destination port (in firewall, network security, application rules…).

Make sure there that you don't have any allow INgoing rule for something existing!

Use the stealth port wizard setting 3, so you don't get questions if someone tries to connect to you… your PC is NO server, so you don't need to answer those questions.

Heya Thanks …

So I figure I go to the global rules section.

There are two default allow rules for the Zone Local Area #1

I switch these to Block instead with the edit function…

And then just set up one Allow ANY In/Out to a single IP …

It is simple enough on my own network, but where it gets confusing for me is when I connect to the new network or change my IP, what will happen to the zones and rules …

I kind of want it already set up to be blocked before I plug in the cable …

Anyways Thanks :)

I check at grc.com I have no server and stealth …

I think now there are lots of ways to do this …

As you say, delete the zone and its rules and just make one outgoing rule for the game application itself, but I still was hoping for a "this is the proven method answer".

But thanks, all info is good info …

Read my post again.

I don't know what you mean with "proven method answer". If there's anything unsafe with it, tell me.

I think that my post says anything to know. I described how to make your PC close in front of the internet. Why should it not be safe in a LAN then? The best control you have is with setting the firewall mode to custom.

The thing that I would especially keep an eye on is the already made "network zone rule" for your home. As you don't want to let others in, maybe it could be worth a try to connect without adding such a rule for the LAN party, and to erase your own before. Under firewall, network security, network zones, just erase the line that says "local network". You can't block your old one there, so I think you didn't block something there.
Read the post again.

"And then just setup one Allow ANY In/Out to a single IP …"
NO!
Only an OUTgoing rule. Why do you need an ingoing rule being allowed all? Do you want someone to join your PC? And make this rule for outgoing in the application rules, not in global.
OUTgoing means: your request goes out, answer comes in. That's how a game will work.
Having a "block ip in any" rule under global rules means: all unrequested(!) ingoing attempts are blocked by default.
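
Added example, not part of the thread and not the firewall product's own logic: a small Python model of the outgoing-only setup described in the replies above, showing why one outgoing allow rule to the server plus a default inbound block is enough. The addresses are the ones assumed in the thread; the two ports, the class name and the sample packets are constructed for illustration.

```python
from ipaddress import ip_address

# Server address from the thread; the two ports are constructed placeholders
# (the thread does not say which ports the game and TeamSpeak use).
SERVER_IP = ip_address("192.168.8.200")
ALLOWED_PORTS = {27015, 9987}


class OutgoingOnlyFirewall:
    """Toy stateful filter: one outgoing allow rule, everything else blocked."""

    def __init__(self):
        # Flows we opened ourselves: (proto, local_port, remote_ip, remote_port)
        self.flows = set()

    def outbound(self, proto, sport, dst, dport):
        dst = ip_address(dst)
        # The single allow rule: this PC -> game server, on the two ports.
        if dst == SERVER_IP and dport in ALLOWED_PORTS:
            self.flows.add((proto, sport, dst, dport))
            return "allow"
        return "block"

    def inbound(self, proto, src, sport, dport):
        # A packet gets in only as the answer to a request we sent out.
        if (proto, dport, ip_address(src), sport) in self.flows:
            return "allow (reply)"
        return "block (unrequested)"


def lan_party_demo():
    """Run constructed sample packets through the model, return the verdicts."""
    fw = OutgoingOnlyFirewall()
    return [
        # Game client on this PC contacts the server: matches the allow rule.
        fw.outbound("udp", 50000, "192.168.8.200", 27015),
        # The server's answer to that request comes back in.
        fw.inbound("udp", "192.168.8.200", 27015, 50000),
        # Another attendee probes a file-sharing port: never requested.
        fw.inbound("tcp", "192.168.8.17", 40000, 445),
        # Even the trusted server cannot open a new connection inward.
        fw.inbound("tcp", "192.168.8.200", 40000, 445),
        # Something on this PC tries to reach another attendee: no rule.
        fw.outbound("tcp", 50001, "192.168.8.17", 445),
    ]


if __name__ == "__main__":
    for verdict in lan_party_demo():
        print(verdict)
```
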