Help please, My rules not working.

Hello guys,

I have a problem here.
I want to make one of the computers in my network (192.168.0.7) only have access to the browsing ports (80, 443), because I suspect his computer has a worm, or some software which is downloading very fast per sec and downloading from many connections (and the server computer with Comodo installed becomes very, very laggy when it happens).

I’ve set rules to restrict 192.168.0.7 only to the browsing ports (see image attachment 2.jpg).

[LAN] is the IP range 192.168.0.1 - 192.168.0.6
[Browsing] ports are 80, 443

But somehow 192.168.0.7 just passes through (see attachment 1.jpg).

Please advise me what to do, maybe my rules are wrong. Thank you all :slight_smile:

[attachment deleted by admin]

Try making separate in and out rules to be sure CFP is correctly interpreting the source and destination. Are you doing ICS? 80, 443 are only http destination ports, not sources. The connections show DNS requests coming in from 192.168.0.107, to 192.168.0.1 (presumably you, the server) but we need to know more about your configuration. Your server can only be a source out and a destination in.

Thanks for your reply.
Yes, I am doing ICS. The server IP is 192.168.0.1.

192.168.0.7 first connects to 192.168.0.1, then 192.168.0.1 connects to the internet.

Can you help me revise my rule? Here is my revised rule (image attachment), but I don’t know whether it’s correct or not.

Current configuration:
I included 192.168.0.7 in the [LAN] network; I think by default it should allow all transmission, then I have just blocked every port except the browsing ports before it.

Thank you

[attachment deleted by admin]

Your rule seems reasonable. What about DNS for 192.168.0.7 - seems like allow UDP to port 53 is needed also. Not an ICS user, but let us know if this works for you - there are lots of other ICS users here to help. But not knowing how ICS really works, you could change the 192.168.0.1 in the block rule to “any”. :slight_smile:

Thanks sded.
I’ve revised my rule as you suggested. (Opened port 53, and changed 192.168.0.1 to Any.)

I don’t know if it’s gonna work or not, I’m gonna report it later.

Thanks :slight_smile:

There is also an ICS Wiki article with a more complete set of rules at IT Service Management (ITSM) | Information and FAQs from Wiki Comodo that you might find useful in setting up your system.
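
Added example, not part of the original thread and not Comodo's own code: a small model of the revised rule set discussed above (allow TCP 80/443 and UDP 53 from 192.168.0.7, block the rest of its traffic, then allow [LAN]), assuming rules are checked top-down with the first match deciding. It shows why the block has to sit above the [LAN] allow and why DNS needs its own rule; the sample flows, port 6881 and the default-block fallback are constructed assumptions.

```python
from ipaddress import ip_address

# Rule = (action, protocol, (first_src_ip, last_src_ip), dest_ports or None for any).
# Assumption: rules are checked top-down and the first match decides.
HOST = ("192.168.0.7", "192.168.0.7")      # the restricted machine
LAN = ("192.168.0.1", "192.168.0.7")       # [LAN] with 192.168.0.7 included

ALLOW_WEB = ("allow", "tcp", HOST, {80, 443})   # [Browsing] ports
ALLOW_DNS = ("allow", "udp", HOST, {53})        # name lookups
BLOCK_HOST = ("block", "any", HOST, None)       # everything else from the host
ALLOW_LAN = ("allow", "any", LAN, None)         # general LAN allow

REVISED = [ALLOW_WEB, ALLOW_DNS, BLOCK_HOST, ALLOW_LAN]
LAN_FIRST = [ALLOW_LAN, ALLOW_WEB, ALLOW_DNS, BLOCK_HOST]  # misordered variant
NO_DNS = [ALLOW_WEB, BLOCK_HOST, ALLOW_LAN]                # DNS rule missing


def decide(rules, proto, src, dport):
    """Return (action, index of the deciding rule); (block, None) if none match."""
    addr = ip_address(src)
    for index, (action, rule_proto, (first, last), ports) in enumerate(rules):
        if rule_proto not in ("any", proto):
            continue
        if not ip_address(first) <= addr <= ip_address(last):
            continue
        if ports is not None and dport not in ports:
            continue
        return action, index
    return "block", None  # assumed default when nothing matches


# Constructed sample flows: (protocol, source IP, destination port)
FLOWS = [
    ("tcp", "192.168.0.7", 443),
    ("udp", "192.168.0.7", 53),
    ("tcp", "192.168.0.7", 6881),
    ("tcp", "192.168.0.3", 6881),
]

if __name__ == "__main__":
    for name, rules in (("revised", REVISED), ("LAN first", LAN_FIRST), ("no DNS", NO_DNS)):
        for flow in FLOWS:
            print(f"{name:10} {flow} -> {decide(rules, *flow)}")
```

With the [LAN] allow listed first, every flow from 192.168.0.7 is decided by rule 0 and the block is never reached; without the UDP 53 rule, the host's lookups hit the block and browsing by name fails even though 80 and 443 are open.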