Firewall rule to block out IPV4 address

I have a firewall rule to allow an IP address (v4) - however Cloudflare is using the IPV6 address - which is not static. I need to have the rule work only on the IPV4 address.

Is this possible?


Sorry, if I was not clear.
It is not that I am trying to block all IPV6 addresses; rather I would like to allow an Admin at a IPV4 address (which is fixed).
I added the IP address to the firewall rule and it still blocks the Admin. Only when I put in the IPV6 address (which is not fixed) does it let them in.
My question, is how can I have the rule only look at the IP4 address?

Not sure what is not clear.
The firewall rule is ignoring the IPV4 address and only filtering on the IPV6 address.
(ip.src in { }) the rule blocks this address even though it is set for allow.

ip.src ne 123.456.789.0

Action -> Block

Quick and dirty. :wink:

In my case it is Action->Allow.
Have that set up. It is ignoring the ipv4 address and only looking at the ipv6 address. The IPV4 address is fixed, the IPv6 is not.
This means the rule is not working - the IPV6 address needs to be updated every time it changes.

Like @sandro wrote, it‘s not clear what you try to achieve. You want to allow IPv4, then block v6, and vice versa

Post the full expression please and mask the IPs.
The expression above blocks everything which does not equal (ne) 123.456.789.0

IPv6 could be tricky if it changes every x hours. Get a fixed one, allow a small range, or use the API to update the rule. If everything fails the client should use IPv4 only.

This topic was automatically closed after 30 days. New replies are no longer allowed.