Configuring Firewall [Resolved]

LuckyS · December 1, 2007, 12:54pm

I was going to finetune my firewall and noticed that the network zone got an upgrade as well.
However, it seems to be missing something.

I have a wireless Network with 4 PCs and only want to allow those 4 plus the router.
Well, I am using fixed IPs and that’s not really a problem. Especially since all IPs are in one range I have selected that.

Now, there isn’t really a problem but the ptential could be much larger if we were allowed to combine the options.

I can allow a specific IP, IP-Range, IP with subnet, a host name and a MAC.
Why am I not allowed to combine that? All those informations are fixed on my PCs.
It would be great if I could say:
Allow this IP with this subnet AND this host name AND this MAC to connect.

I know, I am wearing a tinfoilhat here but since the potential is there, why not use it?
Or is that possible but I didn’t find a way yet?

And no, this is not the same as creating separate rules for each because that would still leave more possible combinations.

kail · December 1, 2007, 1:02pm

Hi LuckyS

Simple answer… you can do exactly that. A Network Zone can contain any of the things you stated (plus you can add exclusive NOTs). Unless I’m misunderstanding something?

Ragwing · December 1, 2007, 1:08pm

If I’m not wrong, LuckyS wants to create something like this in his network zone:
A Single IP: 192.168.0.1
A host name: host.name [ at ] ~something.broadband.com
A MAC adress: 0A-0A-0A-0A-0A-0A

Cheers,
Ragwing

kail · December 1, 2007, 1:17pm

Like this?

[attachment deleted by admin]

Ragwing · December 1, 2007, 1:21pm

From what I’ve understood, LuckyS wants one single rule where you can combine IP, MAC and host, instead of three seperate rules.
But let’s wait for LuckyS to answer, so we know if that’s the case or not.

Cheers,
Ragwing

LuckyS · December 1, 2007, 1:27pm

Hmmm, not exactly, I think.

edit Yes, Ragwing

As far as I understand it, the Test-Rule would allow the IP 123.234.1.1
It would also allow the MAC 2F-33-EE-40-33
and so on.
But the rule I would like to have would only allow the perfect match of all settings.

You would start a zone, for example “Home Wireless”.
Add the first PC with IP/Subnet and MAC
Add the second PC with IP/Subnet and MAC
.
.
.

And only if the IP, Subnet AND MAC match, they are allowed.

Ragwing · December 1, 2007, 1:31pm

It’s not possible to combine stuff in the network zones, but you could suggest that to be added in the future.

Cheers,
Ragwing

LuckyS · December 1, 2007, 1:38pm

Roger that. Thought I might have missed something.
Will do

edit Stupid me and my quick clicking… Thanks for the help of course

Ragwing · December 1, 2007, 1:42pm

Ok, hopefully they’ll add it in the future.
I feel we’re finished with this discussion now, so I’ll close this topic now. If you want it opened, PM me or another moderator.

Cheers,
Ragwing