Firewall Rules

firewall
bug

#1


This is a screenshot


#2

Can you post the expressions?

Blockings work well for me. Also ensure that you didn’t whitelist IPs within the IP firewall or Access rules. I am nit pretty sure which one triggers first.


#4

Try

(ip.src in {51.15.0.0/16 }) or (ip.src eq 113.123.59.128)

Action - block


#6

I dont believe src can be matched against a CIDR. You’d need to specify a proper IP address. eq does a full string comparison as far as I understood and in does the same against a list of strings.

Your use-case really is better done with access rules.


#7

I’ve generated the expression with the firewall. “IP address is in” results in “ip.src. in”

@lewosin
Are there any other rules allowing… what ever?

Have you tried to negate the rule?

(not ip.src in {51.15.0.0/16}) or (ip.src ne 113.123.5.183)

Action - Allow.

Though the strange thing is that challenge works. :thinking:


#8

My bad :blush:

image


#11

I just tested the CIDR value and it did block me in my case. Rules do not take immediate effect but it might take several seconds, maybe also try clearing any possibly Cloudflar session cookies.