Allow IPs not working

gibsonanath · March 13, 2019, 2:04am

There all,
Kindly assist, I have placed most countries on Firewall Challenge, this has stopped must applications like gtmatrix, orion, muwpdev smush cdn. Now, I got their server IP addresses, and allowed them on the firewall rule, no success. I also whitelisted them on the Firewall->Tools still no success.
How do I allow these applications pls?

sdayman · March 13, 2019, 2:10am

Have you tried putting those IP addresses in the same Firewall Rule to see if that fixes it?

Also, double-check the Firewall Event Log to see why those are getting blocked. It will most likely say “Firewall Rule” and the IP address of what got blocked.

gibsonanath · March 13, 2019, 2:43am

Yes, I have the IP addresses in hte Firewall Rule.
I have double checked, but I cannot find the IPs on the event log.

Do you have any similar configuration I can look at?
Thanks

MarkMeyer · March 13, 2019, 7:05am

(not ip.src in {69.162.124.224/28 63.143.42.240/28 2400:cb00::/32 2405:b500::/32 2606:4700::/32 2803:f800::/32 2c0f:f248::/32 2a06:98c0::/29 104.131.107.63 122.248.234.23 128.199.195.156 138.197.150.151 139.59.173.249 146.185.143.14 159.203.30.41 159.89.8.111 165.227.83.148 178.62.52.237 18.221.56.27 188.226.183.141 216.144.250.150 34.233.66.117 46.101.250.135 46.137.190.132 52.60.129.180 54.64.67.106 54.67.10.127 54.79.28.129 54.94.142.218} and ip.geoip.country ne "DE")

Action here is block
In words: all listed IPs are allowed + all users from Germany. Don’t forget to allow Cloudflare AlwaysOnline If you’re using it.

gibsonanath · March 13, 2019, 4:01pm

Thank MVP, below is my Firewall rule to allow Smush CDN Server IPs:

(ip.src eq 66.135.55.161 and ip.src eq 66.135.60.59 and ip.src eq 66.135.49.214 and ip.src eq 66.135.60.64 and ip.src eq 165.227.66.214 and ip.src eq 192.241.140.159 and ip.src eq 104.236.132.222 and ip.src eq 192.241.148.185)

Be so kind to assist in rewriting the right rule for me, including the “allow Cloudflare AlwaysOnline”
Thanks

gibsonanath · March 13, 2019, 4:36pm

Hello MVP,
I mirrored your firewall configuration to permit Gtmtrix and smush CDN server, but not success. See config below.
(not ip.src in {66.135.60.59 66.135.49.214 66.135.60.64 165.227.66.214 192.241.140.159 104.236.132.222 192.241.148.185 208.70.247.157 204.187.14.70 204.187.14.71 204.187.14.72 204.187.14.73 204.187.14.74 204.187.14.75 204.187.14.76 204.187.14.77 204.187.14.78 199.10.31.194 13.85.80.124 13.84.146.132 13.84.146.226 40.74.254.217 13.84.43.227 104.214.75.209 172.255.61.34 172.255.61.35 172.255.61.36 172.255.61.37 172.255.61.38 172.255.61.39 172.255.61.40 13.70.66.20 52.147.27.127 191.235.85.154 191.235.86.0 52.66.75.147 52.175.28.116} and ip.geoip.country ne “NG”)

What could be wrong?

MarkMeyer · March 13, 2019, 5:56pm

Keep in mind that my example is negated. "If IP is not x y z and country does not equal DE then block all traffic.

What I understood is that you want to challenge almost everyone except the given IPs and NG. Set your rule to ‘challenge’ instead of ‘allow’

system · April 12, 2019, 2:04am

This topic was automatically closed after 30 days. New replies are no longer allowed.