Firewall Rules

lewosin · December 3, 2018, 6:30pm

This is a screenshot

MarkMeyer · December 3, 2018, 6:34pm

Can you post the expressions?

Blockings work well for me. Also ensure that you didn’t whitelist IPs within the IP firewall or Access rules. I am nit pretty sure which one triggers first.

MarkMeyer · December 3, 2018, 7:07pm

Try

(ip.src in {51.15.0.0/16 }) or (ip.src eq 113.123.59.128)

Action - block

sandro · December 4, 2018, 11:18am

I dont believe src can be matched against a CIDR. You’d need to specify a proper IP address. eq does a full string comparison as far as I understood and in does the same against a list of strings.

~~Your use-case really is better done with access rules.~~

MarkMeyer · December 4, 2018, 11:36am

I’ve generated the expression with the firewall. “IP address is in” results in “ip.src. in”

@lewosin
Are there any other rules allowing… what ever?

Have you tried to negate the rule?

(not ip.src in {51.15.0.0/16}) or (ip.src ne 113.123.5.183)

Action - Allow.

Though the strange thing is that challenge works.

sandro · December 4, 2018, 11:38am

My bad

sandro · December 4, 2018, 12:01pm

I just tested the CIDR value and it did block me in my case. Rules do not take immediate effect but it might take several seconds, maybe also try clearing any possibly Cloudflar session cookies.

system · January 2, 2019, 6:37pm

This topic was automatically closed after 30 days. New replies are no longer allowed.

Topic		Replies	Views
Firewall Rule Block Multiple IP's using (ip.src in {x.x.x.x}) Security	5	9295	August 22, 2020
Firewall CIDR /24 IP blocking didn't work? Security	5	2358	June 5, 2020
WAF Firewall rule Error message CIDR Ranges Getting Started	11	3999	February 19, 2021
API call with IP Range CIDR not working API	5	2513	June 5, 2019
How to block an IP Range Security	4	15206	October 8, 2019

Firewall Rules

Related topics