Public local network

Dear forum,

Can you help me? I have a couple of computers and a NAS on my local network - however, they are all assigned public IP’s (for various reasons) and my router only functions as a bridge (so the localness of my network is debatable). I often see other computers (from the same street hub, I suppose - my subnet mask is so…) in my Network and can even stream content from some of them with DLNA.

Now, I need DLNA/UPnP functionality, file sharing etc. within my home, but I would like to exclude the others from having access to my machine. At the same time I would obviously like to still be able to use HTTP and all kinds of web services freely - the way things currently are.

How do I write a rule to exclude access from computers in my subnet that don’t have specific MAC addresses?

Thanks! :slight_smile:

Hello dalgard,

You can modify global rules by Opening CIS > Firewall > Network Security Policy > Global Rules

Select Add to add a rule

(Make your rule is on the top of the list)

did this help?


Hi again,

I found the place allright, it is how to make the right rule I am unsure about. Can you help me?

Thanks for the nice answer, by the way! :slight_smile:


Sure thing,
How can i help you?

Edit; I’d take a look at this also


Well, if you look at my first post, you will see what I am trying to achieve. Can you define a rule that will result in this?

I am somewhat knowledgable in this area, so maybe I’ll just tell you my doubts:

  • Does Allow automatically overrule Deny, or does it depend on the placement in the list? Do higher placed items overrule or is it the other way around (evaluation order)? (I need to except my own machines from the range, you see.)
  • Since I basically want to exclude everyone in my subnet, I would use the option IP Mask - but should I then write my own IP under ‘IP’? What if I am accessing a web server on my own computer, will I get excluded then?

Hey Dalgard

Answer to Point 1:
It depends on the placement in the list, High placed items overrule bottom items.

Answer to Point 2:
I’ll answer shortly once i’m done reformatting my own machine, and install CIS.